Ticket #19576: VBoxHardening.log

File VBoxHardening.log, 503.7 KB (added by ci-zephyurus, 4 years ago)
VBoxHardening.log when virtualbox crashed under host windows 10

Line
1	6cec.6cf0: Log file opened: 6.1.4r136177 g_hStartupLog=0000000000000090 g_uNtVerCombined=0xa047bb00
2	6cec.6cf0: \SystemRoot\System32\ntdll.dll:
3	6cec.6cf0: CreationTime: 2020-05-03T03:29:33.075535900Z
4	6cec.6cf0: LastWriteTime: 2020-05-03T03:29:33.128546900Z
5	6cec.6cf0: ChangeTime: 2020-05-04T03:07:36.221273200Z
6	6cec.6cf0: FileAttributes: 0x20
7	6cec.6cf0: Size: 0x1e8460
8	6cec.6cf0: NT Headers: 0xd8
9	6cec.6cf0: Timestamp: 0xb29ecf52
10	6cec.6cf0: Machine: 0x8664 - amd64
11	6cec.6cf0: Timestamp: 0xb29ecf52
12	6cec.6cf0: Image Version: 10.0
13	6cec.6cf0: SizeOfImage: 0x1f0000 (2031616)
14	6cec.6cf0: Resource Dir: 0x17f000 LB 0x6f310
15	6cec.6cf0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
16	6cec.6cf0: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
17	6cec.6cf0: ProductName: Microsoft® Windows® Operating System
18	6cec.6cf0: ProductVersion: 10.0.18362.815
19	6cec.6cf0: FileVersion: 10.0.18362.815 (WinBuild.160101.0800)
20	6cec.6cf0: FileDescription: NT Layer DLL
21	6cec.6cf0: \SystemRoot\System32\kernel32.dll:
22	6cec.6cf0: CreationTime: 2020-04-15T16:13:02.961257500Z
23	6cec.6cf0: LastWriteTime: 2020-04-15T16:13:02.986662000Z
24	6cec.6cf0: ChangeTime: 2020-05-03T03:30:23.798603800Z
25	6cec.6cf0: FileAttributes: 0x20
26	6cec.6cf0: Size: 0xb0498
27	6cec.6cf0: NT Headers: 0xe8
28	6cec.6cf0: Timestamp: 0x21b07e83
29	6cec.6cf0: Machine: 0x8664 - amd64
30	6cec.6cf0: Timestamp: 0x21b07e83
31	6cec.6cf0: Image Version: 10.0
32	6cec.6cf0: SizeOfImage: 0xb2000 (729088)
33	6cec.6cf0: Resource Dir: 0xb0000 LB 0x520
34	6cec.6cf0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
35	6cec.6cf0: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
36	6cec.6cf0: ProductName: Microsoft® Windows® Operating System
37	6cec.6cf0: ProductVersion: 10.0.18362.778
38	6cec.6cf0: FileVersion: 10.0.18362.778 (WinBuild.160101.0800)
39	6cec.6cf0: FileDescription: Windows NT BASE API Client DLL
40	6cec.6cf0: \SystemRoot\System32\KernelBase.dll:
41	6cec.6cf0: CreationTime: 2020-05-03T03:29:33.628657500Z
42	6cec.6cf0: LastWriteTime: 2020-05-03T03:29:33.729681700Z
43	6cec.6cf0: ChangeTime: 2020-05-04T03:07:35.945225300Z
44	6cec.6cf0: FileAttributes: 0x20
45	6cec.6cf0: Size: 0x2a4068
46	6cec.6cf0: NT Headers: 0xf8
47	6cec.6cf0: Timestamp: 0xb89efff3
48	6cec.6cf0: Machine: 0x8664 - amd64
49	6cec.6cf0: Timestamp: 0xb89efff3
50	6cec.6cf0: Image Version: 10.0
51	6cec.6cf0: SizeOfImage: 0x2a4000 (2768896)
52	6cec.6cf0: Resource Dir: 0x27e000 LB 0x548
53	6cec.6cf0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
54	6cec.6cf0: [Raw version resource data: 0x27e0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
55	6cec.6cf0: ProductName: Microsoft® Windows® Operating System
56	6cec.6cf0: ProductVersion: 10.0.18362.815
57	6cec.6cf0: FileVersion: 10.0.18362.815 (WinBuild.160101.0800)
58	6cec.6cf0: FileDescription: Windows NT BASE API Client DLL
59	6cec.6cf0: \SystemRoot\System32\apisetschema.dll:
60	6cec.6cf0: CreationTime: 2019-03-19T04:43:54.837151500Z
61	6cec.6cf0: LastWriteTime: 2019-03-19T04:43:54.837151500Z
62	6cec.6cf0: ChangeTime: 2020-05-03T03:30:23.758596400Z
63	6cec.6cf0: FileAttributes: 0x20
64	6cec.6cf0: Size: 0x1d028
65	6cec.6cf0: NT Headers: 0xc8
66	6cec.6cf0: Timestamp: 0xd6ced080
67	6cec.6cf0: Machine: 0x8664 - amd64
68	6cec.6cf0: Timestamp: 0xd6ced080
69	6cec.6cf0: Image Version: 10.0
70	6cec.6cf0: SizeOfImage: 0x1e000 (122880)
71	6cec.6cf0: Resource Dir: 0x1d000 LB 0x408
72	6cec.6cf0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
73	6cec.6cf0: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
74	6cec.6cf0: ProductName: Microsoft® Windows® Operating System
75	6cec.6cf0: ProductVersion: 10.0.18362.1
76	6cec.6cf0: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
77	6cec.6cf0: FileDescription: ApiSet Schema DLL
78	6cec.6cf0: Found driver SymNetS (0x2)
79	6cec.6cf0: Found driver SRTSPX (0x2)
80	6cec.6cf0: Found driver SymEvent (0x2)
81	6cec.6cf0: Found driver SymIRON (0x2)
82	6cec.6cf0: supR3HardenedWinFindAdversaries: 0x2
83	6cec.6cf0: \SystemRoot\System32\drivers\symevent64x86.sys:
84	6cec.6cf0: CreationTime: 2018-05-07T20:10:45.241730500Z
85	6cec.6cf0: LastWriteTime: 2019-03-21T09:37:41.102289300Z
86	6cec.6cf0: ChangeTime: 2019-10-07T03:10:05.970074600Z
87	6cec.6cf0: FileAttributes: 0x20
88	6cec.6cf0: Size: 0x186e0
89	6cec.6cf0: NT Headers: 0xf0
90	6cec.6cf0: Timestamp: 0x5bbbe164
91	6cec.6cf0: Machine: 0x8664 - amd64
92	6cec.6cf0: Timestamp: 0x5bbbe164
93	6cec.6cf0: Image Version: 6.3
94	6cec.6cf0: SizeOfImage: 0x21000 (135168)
95	6cec.6cf0: Resource Dir: 0x1f000 LB 0x3c8
96	6cec.6cf0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
97	6cec.6cf0: [Raw version resource data: 0x1f0b8 LB 0x310, codepage 0x4e4 (reserved 0x0)]
98	6cec.6cf0: ProductName: SYMEVENT
99	6cec.6cf0: ProductVersion: 14.0.7.71
100	6cec.6cf0: FileVersion: 14.0.7.71
101	6cec.6cf0: FileDescription: Symantec Event Library
102	6cec.6cf0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
103	6cec.6cf0: Calling main()
104	6cec.6cf0: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
105	6cec.6cf0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
106	6cec.6cf0: SUPR3HardenedMain: Respawn #1
107	6cec.6cf0: System32: \Device\HarddiskVolume8\Windows\System32
108	6cec.6cf0: WinSxS: \Device\HarddiskVolume8\Windows\WinSxS
109	6cec.6cf0: KnownDllPath: C:\WINDOWS\System32
110	6cec.6cf0: supR3HardenedWinInit: Performing a limited self purification...
111	6cec.6cf0: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
112	6cec.6cf0: *0000000000000000-00000000004affff 0x0001/0x0000 0x0000000
113	6cec.6cf0: *00000000004b0000-00000000004bffff 0x0004/0x0004 0x0040000
114	6cec.6cf0: 00000000004c0000-00000000004cffff 0x0001/0x0000 0x0000000
115	6cec.6cf0: *00000000004d0000-00000000004eafff 0x0002/0x0002 0x0040000
116	6cec.6cf0: 00000000004eb000-00000000004effff 0x0001/0x0000 0x0000000
117	6cec.6cf0: *00000000004f0000-00000000005a0fff 0x0000/0x0004 0x0020000
118	6cec.6cf0: 00000000005a1000-00000000005a3fff 0x0104/0x0004 0x0020000
119	6cec.6cf0: 00000000005a4000-00000000005effff 0x0004/0x0004 0x0020000
120	6cec.6cf0: *00000000005f0000-00000000005f3fff 0x0002/0x0002 0x0040000
121	6cec.6cf0: 00000000005f4000-00000000005fffff 0x0001/0x0000 0x0000000
122	6cec.6cf0: *0000000000600000-0000000000647fff 0x0000/0x0004 0x0020000
123	6cec.6cf0: 0000000000648000-000000000064afff 0x0004/0x0004 0x0020000
124	6cec.6cf0: 000000000064b000-00000000007fffff 0x0000/0x0004 0x0020000
125	6cec.6cf0: *0000000000800000-0000000000801fff 0x0004/0x0004 0x0020000
126	6cec.6cf0: 0000000000802000-000000000080ffff 0x0001/0x0000 0x0000000
127	6cec.6cf0: *0000000000810000-00000000008d6fff 0x0002/0x0002 0x0040000
128	6cec.6cf0: 00000000008d7000-000000000093ffff 0x0001/0x0000 0x0000000
129	6cec.6cf0: *0000000000940000-000000000094efff 0x0004/0x0004 0x0020000
130	6cec.6cf0: 000000000094f000-0000000000a3ffff 0x0000/0x0004 0x0020000
131	6cec.6cf0: *0000000000a40000-0000000000a41fff 0x0004/0x0004 0x0020000
132	6cec.6cf0: 0000000000a42000-0000000000aa1fff 0x0000/0x0004 0x0020000
133	6cec.6cf0: 0000000000aa2000-0000000000aaffff 0x0001/0x0000 0x0000000
134	6cec.6cf0: *0000000000ab0000-0000000000ab1fff 0x0004/0x0004 0x0020000
135	6cec.6cf0: 0000000000ab2000-0000000000b11fff 0x0000/0x0004 0x0020000
136	6cec.6cf0: 0000000000b12000-0000000000b1ffff 0x0001/0x0000 0x0000000
137	6cec.6cf0: *0000000000b20000-0000000000b3cfff 0x0004/0x0004 0x0020000
138	6cec.6cf0: 0000000000b3d000-0000000000c1ffff 0x0000/0x0004 0x0020000
139	6cec.6cf0: *0000000000c20000-0000000000c2efff 0x0004/0x0004 0x0020000
140	6cec.6cf0: 0000000000c2f000-0000000000c2ffff 0x0000/0x0004 0x0020000
141	6cec.6cf0: *0000000000c30000-0000000000c34fff 0x0000/0x0004 0x0020000
142	6cec.6cf0: 0000000000c35000-0000000000e25fff 0x0004/0x0004 0x0020000
143	6cec.6cf0: 0000000000e26000-0000000000e26fff 0x0000/0x0004 0x0020000
144	6cec.6cf0: 0000000000e27000-000000007ffdffff 0x0001/0x0000 0x0000000
145	6cec.6cf0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
146	6cec.6cf0: 000000007ffe1000-000000007ffe5fff 0x0001/0x0000 0x0000000
147	6cec.6cf0: *000000007ffe6000-000000007ffe6fff 0x0002/0x0002 0x0020000
148	6cec.6cf0: 000000007ffe7000-00007ff4f122ffff 0x0001/0x0000 0x0000000
149	6cec.6cf0: *00007ff4f1230000-00007ff4f1234fff 0x0002/0x0002 0x0040000
150	6cec.6cf0: 00007ff4f1235000-00007ff4f132ffff 0x0000/0x0002 0x0040000
151	6cec.6cf0: *00007ff4f1330000-00007ff5f134ffff 0x0000/0x0004 0x0020000
152	6cec.6cf0: *00007ff5f1350000-00007ff5f334ffff 0x0000/0x0004 0x0020000
153	6cec.6cf0: 00007ff5f3350000-00007ff5f3350fff 0x0004/0x0004 0x0020000
154	6cec.6cf0: 00007ff5f3351000-00007ff5f335ffff 0x0001/0x0000 0x0000000
155	6cec.6cf0: *00007ff5f3360000-00007ff5f3360fff 0x0002/0x0002 0x0040000
156	6cec.6cf0: 00007ff5f3361000-00007ff5f336ffff 0x0001/0x0000 0x0000000
157	6cec.6cf0: *00007ff5f3370000-00007ff5f339afff 0x0002/0x0002 0x0040000
158	6cec.6cf0: 00007ff5f339b000-00007ff6c471ffff 0x0001/0x0000 0x0000000
159	6cec.6cf0: *00007ff6c4720000-00007ff6c4720fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
160	6cec.6cf0: 00007ff6c4721000-00007ff6c4796fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
161	6cec.6cf0: 00007ff6c4797000-00007ff6c4797fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
162	6cec.6cf0: 00007ff6c4798000-00007ff6c47dffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
163	6cec.6cf0: 00007ff6c47e0000-00007ff6c47e2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
164	6cec.6cf0: 00007ff6c47e3000-00007ff6c47e5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
165	6cec.6cf0: 00007ff6c47e6000-00007ff6c47e8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
166	6cec.6cf0: 00007ff6c47e9000-00007ff6c47e9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
167	6cec.6cf0: 00007ff6c47ea000-00007ff6c47ebfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
168	6cec.6cf0: 00007ff6c47ec000-00007ff6c47ecfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
169	6cec.6cf0: 00007ff6c47ed000-00007ff6c4835fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
170	6cec.6cf0: 00007ff6c4836000-00007fffa342ffff 0x0001/0x0000 0x0000000
171	6cec.6cf0: *00007fffa3430000-00007fffa3430fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\apphelp.dll
172	6cec.6cf0: 00007fffa3431000-00007fffa347dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\apphelp.dll
173	6cec.6cf0: 00007fffa347e000-00007fffa349ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\apphelp.dll
174	6cec.6cf0: 00007fffa34a0000-00007fffa34a2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\apphelp.dll
175	6cec.6cf0: 00007fffa34a3000-00007fffa34befff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\apphelp.dll
176	6cec.6cf0: 00007fffa34bf000-00007fffa570ffff 0x0001/0x0000 0x0000000
177	6cec.6cf0: *00007fffa5710000-00007fffa5710fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
178	6cec.6cf0: 00007fffa5711000-00007fffa5815fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
179	6cec.6cf0: 00007fffa5816000-00007fffa5978fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
180	6cec.6cf0: 00007fffa5979000-00007fffa597cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
181	6cec.6cf0: 00007fffa597d000-00007fffa597dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
182	6cec.6cf0: 00007fffa597e000-00007fffa59b3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
183	6cec.6cf0: 00007fffa59b4000-00007fffa70bffff 0x0001/0x0000 0x0000000
184	6cec.6cf0: *00007fffa70c0000-00007fffa70c0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
185	6cec.6cf0: 00007fffa70c1000-00007fffa7135fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
186	6cec.6cf0: 00007fffa7136000-00007fffa7167fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
187	6cec.6cf0: 00007fffa7168000-00007fffa7168fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
188	6cec.6cf0: 00007fffa7169000-00007fffa7169fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
189	6cec.6cf0: 00007fffa716a000-00007fffa7171fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
190	6cec.6cf0: 00007fffa7172000-00007fffa859ffff 0x0001/0x0000 0x0000000
191	6cec.6cf0: *00007fffa85a0000-00007fffa85a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
192	6cec.6cf0: 00007fffa85a1000-00007fffa86b7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
193	6cec.6cf0: 00007fffa86b8000-00007fffa86fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
194	6cec.6cf0: 00007fffa86ff000-00007fffa86fffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
195	6cec.6cf0: 00007fffa8700000-00007fffa8701fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
196	6cec.6cf0: 00007fffa8702000-00007fffa870afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
197	6cec.6cf0: 00007fffa870b000-00007fffa878ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
198	6cec.6cf0: 00007fffa8790000-00007ffffffeffff 0x0001/0x0000 0x0000000
199	6cec.6cf0: kernel32.dll: timestamp 0x21b07e83 (rc=VINF_SUCCESS)
200	6cec.6cf0: kernelbase.dll: timestamp 0xb89efff3 (rc=VINF_SUCCESS)
201	6cec.6cf0: apphelp.dll: timestamp 0xff74693c (rc=VINF_SUCCESS)
202	6cec.6cf0: VirtualBoxVM.exe: timestamp 0x5e4c1d19 (rc=VINF_SUCCESS)
203	6cec.6cf0: '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
204	6cec.6cf0: '\Device\HarddiskVolume8\Windows\System32\ntdll.dll' has no imports
205	6cec.6cf0: kernel32.dll: Differences in section #2 (.rdata) between file and memory:
206	6cec.6cf0: 00007fffa71390e0 / 0x00790e0: 50 != 00
207	6cec.6cf0: 00007fffa71390e1 / 0x00790e1: cc != 14
208	6cec.6cf0: 00007fffa71390e2 / 0x00790e2: 63 != 47
209	6cec.6cf0: 00007fffa71390e3 / 0x00790e3: a8 != a3
210	6cec.6cf0: 00007fffa7139490 / 0x0079490: 40 != 70
211	6cec.6cf0: 00007fffa7139491 / 0x0079491: c5 != 13
212	6cec.6cf0: 00007fffa7139492 / 0x0079492: 63 != 47
213	6cec.6cf0: 00007fffa7139493 / 0x0079493: a8 != a3
214	6cec.6cf0: 00007fffa7139668 / 0x0079668: 00 != 90
215	6cec.6cf0: 00007fffa7139669 / 0x0079669: cb != 11
216	6cec.6cf0: 00007fffa713966a / 0x007966a: 63 != 47
217	6cec.6cf0: 00007fffa713966b / 0x007966b: a8 != a3
218	6cec.6cf0: 00007fffa7139a50 / 0x0079a50: 00 != 90
219	6cec.6cf0: 00007fffa7139a51 / 0x0079a51: cb != 11
220	6cec.6cf0: 00007fffa7139a52 / 0x0079a52: 63 != 47
221	6cec.6cf0: 00007fffa7139a53 / 0x0079a53: a8 != a3
222	6cec.6cf0: Restored 0x2000 bytes of original file content at 00007fffa7138000
223	6cec.6cf0: kernelbase.dll: Differences in section #2 (.rdata) between file and memory:
224	6cec.6cf0: 00007fffa58b68d0 / 0x01a68d0: 40 != 70
225	6cec.6cf0: 00007fffa58b68d1 / 0x01a68d1: c5 != 13
226	6cec.6cf0: 00007fffa58b68d2 / 0x01a68d2: 63 != 47
227	6cec.6cf0: 00007fffa58b68d3 / 0x01a68d3: a8 != a3
228	6cec.6cf0: 00007fffa58b6908 / 0x01a6908: 00 != 90
229	6cec.6cf0: 00007fffa58b6909 / 0x01a6909: cb != 11
230	6cec.6cf0: 00007fffa58b690a / 0x01a690a: 63 != 47
231	6cec.6cf0: 00007fffa58b690b / 0x01a690b: a8 != a3
232	6cec.6cf0: 00007fffa58b6a40 / 0x01a6a40: 50 != 00
233	6cec.6cf0: 00007fffa58b6a41 / 0x01a6a41: cc != 14
234	6cec.6cf0: 00007fffa58b6a42 / 0x01a6a42: 63 != 47
235	6cec.6cf0: 00007fffa58b6a43 / 0x01a6a43: a8 != a3
236	6cec.6cf0: 00007fffa58b7190 / 0x01a7190: 50 != 00
237	6cec.6cf0: 00007fffa58b7191 / 0x01a7191: cc != 14
238	6cec.6cf0: 00007fffa58b7192 / 0x01a7192: 63 != 47
239	6cec.6cf0: 00007fffa58b7193 / 0x01a7193: a8 != a3
240	6cec.6cf0: Restored 0x2000 bytes of original file content at 00007fffa58b6000
241	6cec.6cf0: apphelp.dll: Differences in section #2 (.rdata) between file and memory:
242	6cec.6cf0: 00007fffa347fe98 / 0x004fe98: a0 != e0
243	6cec.6cf0: 00007fffa347fe99 / 0x004fe99: e1 != ed
244	6cec.6cf0: 00007fffa347fe9a / 0x004fe9a: 78 != 0d
245	6cec.6cf0: 00007fffa347fe9b / 0x004fe9b: a5 != a7
246	6cec.6cf0: 00007fffa347fea0 / 0x004fea0: 10 != 50
247	6cec.6cf0: 00007fffa347fea1 / 0x004fea1: 0a != 5e
248	6cec.6cf0: 00007fffa347fea2 / 0x004fea2: 76 != 0d
249	6cec.6cf0: 00007fffa347fea3 / 0x004fea3: a5 != a7
250	6cec.6cf0: 00007fffa347fea8 / 0x004fea8: 10 != b0
251	6cec.6cf0: 00007fffa347fea9 / 0x004fea9: 48 != 1d
252	6cec.6cf0: 00007fffa347feaa / 0x004feaa: 77 != 0e
253	6cec.6cf0: 00007fffa347feab / 0x004feab: a5 != a7
254	6cec.6cf0: 00007fffa347feb0 / 0x004feb0: 60 != 50
255	6cec.6cf0: 00007fffa347feb1 / 0x004feb1: a7 != b7
256	6cec.6cf0: 00007fffa347feb2 / 0x004feb2: 77 != 0d
257	6cec.6cf0: 00007fffa347feb3 / 0x004feb3: a5 != a7
258	6cec.6cf0: 00007fffa347feb8 / 0x004feb8: d0 != c0
259	6cec.6cf0: 00007fffa347feb9 / 0x004feb9: 22 != 1d
260	6cec.6cf0: 00007fffa347feba / 0x004feba: 77 != 0e
261	6cec.6cf0: 00007fffa347febb / 0x004febb: a5 != a7
262	6cec.6cf0: 00007fffa347fec0 / 0x004fec0: a0 != 40
263	6cec.6cf0: 00007fffa347fec1 / 0x004fec1: bc != be
264	6cec.6cf0: 00007fffa347fec2 / 0x004fec2: 76 != 0d
265	6cec.6cf0: 00007fffa347fec3 / 0x004fec3: a5 != a7
266	6cec.6cf0: 00007fffa347fec8 / 0x004fec8: c0 != 60
267	6cec.6cf0: 00007fffa347fec9 / 0x004fec9: 66 != a1
268	6cec.6cf0: 00007fffa347feca / 0x004feca: 77 != 0d
269	6cec.6cf0: 00007fffa347fecb / 0x004fecb: a5 != a7
270	6cec.6cf0: 00007fffa347fed8 / 0x004fed8: 20 != a0
271	6cec.6cf0: 00007fffa347fed9 / 0x004fed9: 72 != a1
272	6cec.6cf0: 00007fffa347feda / 0x004feda: 73 != 0d
273	6cec.6cf0: 00007fffa347fedb / 0x004fedb: a5 != a7
274	6cec.6cf0: Restored 0x2000 bytes of original file content at 00007fffa347e000
275	6cec.6cf0: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=3
276	6cec.6cf0: '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
277	6cec.6cf0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
278	6cec.6cf0: supR3HardNtEnableThreadCreationEx:
279	6cec.6cf0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fffa8611770 pvNtTerminateThread=00007fffa863cac0
280	6cec.6cf0: supR3HardenedWinDoReSpawn(1): New child 6d10.6d14 [kernel32].
281	6cec.6cf0: supR3HardNtChildGatherData: PebBaseAddress=0000000001054000 cbPeb=0x388
282	6cec.6cf0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007fffa85a0000 uNtDllChildAddr=00007fffa85a0000
283	6cec.6cf0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007fffa8611770
284	6cec.6cf0: supR3HardenedWinSetupChildInit: Initial context:
285	rax=0000000000000000 rbx=0000000000000000 rcx=00007ff6c4727900 rdx=0000000001054000
286	rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
287	r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
288	r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
289	rip=00007fffa860ce30 rsp=00000000012ffc68 rbp=0000000000000000 ctxflags=0010001b
290	cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
291	P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
292	dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
293	dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
294	lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
295	6cec.6cf0: supR3HardenedWinSetupChildInit: Start child.
296	6cec.6cf0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
297	6cec.6cf0: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 58 sleeps
298	6cec.6cf0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
299	6cec.6cf0: *0000000000000000-0000000000faffff 0x0001/0x0000 0x0000000
300	6cec.6cf0: *0000000000fb0000-0000000000fcffff 0x0004/0x0004 0x0020000
301	6cec.6cf0: *0000000000fd0000-0000000000feafff 0x0002/0x0002 0x0040000
302	6cec.6cf0: 0000000000feb000-0000000000feffff 0x0001/0x0000 0x0000000
303	6cec.6cf0: *0000000000ff0000-0000000000ff3fff 0x0002/0x0002 0x0040000
304	6cec.6cf0: 0000000000ff4000-0000000000ffffff 0x0001/0x0000 0x0000000
305	6cec.6cf0: *0000000001000000-0000000001053fff 0x0000/0x0004 0x0020000
306	6cec.6cf0: 0000000001054000-0000000001056fff 0x0004/0x0004 0x0020000
307	6cec.6cf0: 0000000001057000-00000000011fffff 0x0000/0x0004 0x0020000
308	6cec.6cf0: *0000000001200000-00000000012fafff 0x0000/0x0004 0x0020000
309	6cec.6cf0: 00000000012fb000-00000000012fdfff 0x0104/0x0004 0x0020000
310	6cec.6cf0: 00000000012fe000-00000000012fffff 0x0004/0x0004 0x0020000
311	6cec.6cf0: *0000000001300000-0000000001301fff 0x0004/0x0004 0x0020000
312	6cec.6cf0: 0000000001302000-000000007ffdffff 0x0001/0x0000 0x0000000
313	6cec.6cf0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
314	6cec.6cf0: 000000007ffe1000-000000007ffe5fff 0x0001/0x0000 0x0000000
315	6cec.6cf0: *000000007ffe6000-000000007ffe6fff 0x0002/0x0002 0x0020000
316	6cec.6cf0: 000000007ffe7000-00007ff5089effff 0x0001/0x0000 0x0000000
317	6cec.6cf0: *00007ff5089f0000-00007ff5089f0fff 0x0002/0x0002 0x0040000
318	6cec.6cf0: 00007ff5089f1000-00007ff5089fffff 0x0001/0x0000 0x0000000
319	6cec.6cf0: *00007ff508a00000-00007ff508a2afff 0x0002/0x0002 0x0040000
320	6cec.6cf0: 00007ff508a2b000-00007ff6c471ffff 0x0001/0x0000 0x0000000
321	6cec.6cf0: *00007ff6c4720000-00007ff6c4720fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
322	6cec.6cf0: 00007ff6c4721000-00007ff6c4796fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
323	6cec.6cf0: 00007ff6c4797000-00007ff6c4797fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
324	6cec.6cf0: 00007ff6c4798000-00007ff6c47dffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
325	6cec.6cf0: 00007ff6c47e0000-00007ff6c47e0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
326	6cec.6cf0: 00007ff6c47e1000-00007ff6c47e1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
327	6cec.6cf0: 00007ff6c47e2000-00007ff6c47e6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
328	6cec.6cf0: 00007ff6c47e7000-00007ff6c47e7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
329	6cec.6cf0: 00007ff6c47e8000-00007ff6c47e8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
330	6cec.6cf0: 00007ff6c47e9000-00007ff6c47ecfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
331	6cec.6cf0: 00007ff6c47ed000-00007ff6c4835fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
332	6cec.6cf0: 00007ff6c4836000-00007fffa859ffff 0x0001/0x0000 0x0000000
333	6cec.6cf0: *00007fffa85a0000-00007fffa85a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
334	6cec.6cf0: 00007fffa85a1000-00007fffa86b7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
335	6cec.6cf0: 00007fffa86b8000-00007fffa86fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
336	6cec.6cf0: 00007fffa86ff000-00007fffa870afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
337	6cec.6cf0: 00007fffa870b000-00007fffa8719fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
338	6cec.6cf0: 00007fffa871a000-00007fffa871afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
339	6cec.6cf0: 00007fffa871b000-00007fffa871dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
340	6cec.6cf0: 00007fffa871e000-00007fffa878ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
341	6cec.6cf0: 00007fffa8790000-00007ffffffeffff 0x0001/0x0000 0x0000000
342	6cec.6cf0: supR3HardNtChildPurify: Done after 524 ms and 0 fixes (loop #0).
343	6cec.6cf0: supR3HardNtEnableThreadCreationEx:
344	6d10.6d14: Log file opened: 6.1.4r136177 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047bb00
345	6d10.6d14: supR3HardenedVmProcessInit: uNtDllAddr=00007fffa85a0000 g_uNtVerCombined=0xa047bb00 (stack ~00000000012ff6f8)
346	6d10.6d14: ntdll.dll: timestamp 0xb29ecf52 (rc=VINF_SUCCESS)
347	6d10.6d14: New simple heap: #1 0000000001410000 LB 0x400000 (for 2031616 allocation)
348	6d10.6d14: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
349	6d10.6d14: System32: \Device\HarddiskVolume8\Windows\System32
350	6d10.6d14: WinSxS: \Device\HarddiskVolume8\Windows\WinSxS
351	6d10.6d14: KnownDllPath: C:\WINDOWS\System32
352	6d10.6d14: supR3HardenedVmProcessInit: Opening vboxdrv stub...
353	6d10.6d14: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
354	6d10.6d14: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
355	6d10.6d14: Registered Dll notification callback with NTDLL.
356	6d10.6d14: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\kernel32.dll)
357	6d10.6d14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\kernel32.dll
358	6d10.6d14: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
359	6d10.6d14: supR3HardenedDllNotificationCallback: load 00007fffa5710000 LB 0x002a4000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
360	6d10.6d14: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\KernelBase.dll)
361	6d10.6d14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
362	6d10.6d14: supR3HardenedDllNotificationCallback: load 00007fffa70c0000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
363	6d10.6d14: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
364	6d10.6d14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa70c0000 'C:\WINDOWS\System32\KERNEL32.DLL'
365	6d10.6d14: supR3HardenedDllNotificationCallback: load 00007ff6c4720000 LB 0x00116000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
366	6d10.6d14: '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
367	6d10.6d14: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
368	6d10.6d14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
369	6d10.6d14: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fffa8611770 pvNtTerminateThread=00007fffa863cac0
370	6cec.6cf0: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 79 ms.
371	6d10.6d14: \SystemRoot\System32\ntdll.dll:
372	6d10.6d14: CreationTime: 2020-05-03T03:29:33.075535900Z
373	6d10.6d14: LastWriteTime: 2020-05-03T03:29:33.128546900Z
374	6d10.6d14: ChangeTime: 2020-05-04T03:07:36.221273200Z
375	6d10.6d14: FileAttributes: 0x20
376	6d10.6d14: Size: 0x1e8460
377	6d10.6d14: NT Headers: 0xd8
378	6d10.6d14: Timestamp: 0xb29ecf52
379	6d10.6d14: Machine: 0x8664 - amd64
380	6d10.6d14: Timestamp: 0xb29ecf52
381	6d10.6d14: Image Version: 10.0
382	6d10.6d14: SizeOfImage: 0x1f0000 (2031616)
383	6d10.6d14: Resource Dir: 0x17f000 LB 0x6f310
384	6d10.6d14: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
385	6d10.6d14: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
386	6d10.6d14: ProductName: Microsoft® Windows® Operating System
387	6d10.6d14: ProductVersion: 10.0.18362.815
388	6d10.6d14: FileVersion: 10.0.18362.815 (WinBuild.160101.0800)
389	6d10.6d14: FileDescription: NT Layer DLL
390	6d10.6d14: \SystemRoot\System32\kernel32.dll:
391	6d10.6d14: CreationTime: 2020-04-15T16:13:02.961257500Z
392	6d10.6d14: LastWriteTime: 2020-04-15T16:13:02.986662000Z
393	6d10.6d14: ChangeTime: 2020-05-03T03:30:23.798603800Z
394	6d10.6d14: FileAttributes: 0x20
395	6d10.6d14: Size: 0xb0498
396	6d10.6d14: NT Headers: 0xe8
397	6d10.6d14: Timestamp: 0x21b07e83
398	6d10.6d14: Machine: 0x8664 - amd64
399	6d10.6d14: Timestamp: 0x21b07e83
400	6d10.6d14: Image Version: 10.0
401	6d10.6d14: SizeOfImage: 0xb2000 (729088)
402	6d10.6d14: Resource Dir: 0xb0000 LB 0x520
403	6d10.6d14: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
404	6d10.6d14: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
405	6d10.6d14: ProductName: Microsoft® Windows® Operating System
406	6d10.6d14: ProductVersion: 10.0.18362.778
407	6d10.6d14: FileVersion: 10.0.18362.778 (WinBuild.160101.0800)
408	6d10.6d14: FileDescription: Windows NT BASE API Client DLL
409	6d10.6d14: \SystemRoot\System32\KernelBase.dll:
410	6d10.6d14: CreationTime: 2020-05-03T03:29:33.628657500Z
411	6d10.6d14: LastWriteTime: 2020-05-03T03:29:33.729681700Z
412	6d10.6d14: ChangeTime: 2020-05-04T03:07:35.945225300Z
413	6d10.6d14: FileAttributes: 0x20
414	6d10.6d14: Size: 0x2a4068
415	6d10.6d14: NT Headers: 0xf8
416	6d10.6d14: Timestamp: 0xb89efff3
417	6d10.6d14: Machine: 0x8664 - amd64
418	6d10.6d14: Timestamp: 0xb89efff3
419	6d10.6d14: Image Version: 10.0
420	6d10.6d14: SizeOfImage: 0x2a4000 (2768896)
421	6d10.6d14: Resource Dir: 0x27e000 LB 0x548
422	6d10.6d14: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
423	6d10.6d14: [Raw version resource data: 0x27e0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
424	6d10.6d14: ProductName: Microsoft® Windows® Operating System
425	6d10.6d14: ProductVersion: 10.0.18362.815
426	6d10.6d14: FileVersion: 10.0.18362.815 (WinBuild.160101.0800)
427	6d10.6d14: FileDescription: Windows NT BASE API Client DLL
428	6d10.6d14: \SystemRoot\System32\apisetschema.dll:
429	6d10.6d14: CreationTime: 2019-03-19T04:43:54.837151500Z
430	6d10.6d14: LastWriteTime: 2019-03-19T04:43:54.837151500Z
431	6d10.6d14: ChangeTime: 2020-05-03T03:30:23.758596400Z
432	6d10.6d14: FileAttributes: 0x20
433	6d10.6d14: Size: 0x1d028
434	6d10.6d14: NT Headers: 0xc8
435	6d10.6d14: Timestamp: 0xd6ced080
436	6d10.6d14: Machine: 0x8664 - amd64
437	6d10.6d14: Timestamp: 0xd6ced080
438	6d10.6d14: Image Version: 10.0
439	6d10.6d14: SizeOfImage: 0x1e000 (122880)
440	6d10.6d14: Resource Dir: 0x1d000 LB 0x408
441	6d10.6d14: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
442	6d10.6d14: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
443	6d10.6d14: ProductName: Microsoft® Windows® Operating System
444	6d10.6d14: ProductVersion: 10.0.18362.1
445	6d10.6d14: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
446	6d10.6d14: FileDescription: ApiSet Schema DLL
447	6d10.6d14: Found driver SymNetS (0x2)
448	6d10.6d14: Found driver SRTSPX (0x2)
449	6d10.6d14: Found driver SymEvent (0x2)
450	6d10.6d14: Found driver SymIRON (0x2)
451	6d10.6d14: supR3HardenedWinFindAdversaries: 0x2
452	6d10.6d14: \SystemRoot\System32\drivers\symevent64x86.sys:
453	6d10.6d14: CreationTime: 2018-05-07T20:10:45.241730500Z
454	6d10.6d14: LastWriteTime: 2019-03-21T09:37:41.102289300Z
455	6d10.6d14: ChangeTime: 2019-10-07T03:10:05.970074600Z
456	6d10.6d14: FileAttributes: 0x20
457	6d10.6d14: Size: 0x186e0
458	6d10.6d14: NT Headers: 0xf0
459	6d10.6d14: Timestamp: 0x5bbbe164
460	6d10.6d14: Machine: 0x8664 - amd64
461	6d10.6d14: Timestamp: 0x5bbbe164
462	6d10.6d14: Image Version: 6.3
463	6d10.6d14: SizeOfImage: 0x21000 (135168)
464	6d10.6d14: Resource Dir: 0x1f000 LB 0x3c8
465	6d10.6d14: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
466	6d10.6d14: [Raw version resource data: 0x1f0b8 LB 0x310, codepage 0x4e4 (reserved 0x0)]
467	6d10.6d14: ProductName: SYMEVENT
468	6d10.6d14: ProductVersion: 14.0.7.71
469	6d10.6d14: FileVersion: 14.0.7.71
470	6d10.6d14: FileDescription: Symantec Event Library
471	6d10.6d14: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
472	6d10.6d14: Calling main()
473	6d10.6d14: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
474	6d10.6d14: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
475	6d10.6d14: '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
476	6d10.6d14: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
477	6d10.6d14: SUPR3HardenedMain: Respawn #2
478	6d10.6d14: supR3HardNtEnableThreadCreationEx:
479	6d10.6d14: supR3HardenedDllNotificationCallback: load 00007fffa81b0000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
480	6d10.6d14: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll)
481	6d10.6d14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
482	6d10.6d14: supR3HardenedDllNotificationCallback: load 00007fffa6650000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
483	6d10.6d14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
484	6d10.6d14: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\sechost.dll)
485	6d10.6d14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\sechost.dll
486	6d10.6d14: '\Device\HarddiskVolume8\Windows\System32\ntdll.dll' has no imports
487	6d10.6d14: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ntdll.dll)
488	6d10.6d14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ntdll.dll
489	6d10.6d14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
490	6d10.6d14: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
491	6d10.6d14: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
492	6d10.6d14: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
493	6d10.6d14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa85a0000 'C:\WINDOWS\System32\ntdll.dll'
494	6d10.6d14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume8\Windows\System32\apphelp.dll)
495	6d10.6d14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\apphelp.dll
496	6d10.6d14: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
497	6d10.6d14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
498	6d10.6d14: supR3HardenedDllNotificationCallback: load 00007fffa3430000 LB 0x0008f000 C:\WINDOWS\system32\apphelp.dll [fFlags=0x0]
499	6d10.6d14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
500	6d10.6d14: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ntdll.dll [lacks WinVerifyTrust]
501	6d10.6d14: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
502	6d10.6d14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa85a0000 'C:\WINDOWS\System32\ntdll.dll'
503	6d10.6d14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3430000 'C:\WINDOWS\system32\apphelp.dll'
504	6d10.6d14: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fffa8611770 pvNtTerminateThread=00007fffa863cac0
505	6d10.6d14: supR3HardenedWinDoReSpawn(2): New child 6d24.6d28 [kernel32].
506	6d10.6d14: supR3HardNtChildGatherData: PebBaseAddress=0000000001119000 cbPeb=0x388
507	6d10.6d14: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007fffa85a0000 uNtDllChildAddr=00007fffa85a0000
508	6d10.6d14: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007fffa8611770
509	6d10.6d14: supR3HardenedWinSetupChildInit: Initial context:
510	rax=0000000000000000 rbx=0000000000000000 rcx=00007ff6c4727900 rdx=0000000001119000
511	rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
512	r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
513	r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
514	rip=00007fffa860ce30 rsp=0000000000f8f7f8 rbp=0000000000000000 ctxflags=0010001b
515	cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
516	P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
517	dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
518	dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
519	lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
520	6d10.6d14: kernel32.dll: timestamp 0x21b07e83 (rc=VINF_SUCCESS)
521	6d10.6d14: supR3HardenedWinSetupChildInit: Start child.
522	6d10.6d14: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
523	6d10.6d14: supR3HardNtChildPurify: Startup delay kludge #1/0: 521 ms, 58 sleeps
524	6d10.6d14: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
525	6d10.6d14: *0000000000000000-0000000000e4ffff 0x0001/0x0000 0x0000000
526	6d10.6d14: *0000000000e50000-0000000000e6ffff 0x0004/0x0004 0x0020000
527	6d10.6d14: *0000000000e70000-0000000000e8afff 0x0002/0x0002 0x0040000
528	6d10.6d14: 0000000000e8b000-0000000000e8ffff 0x0001/0x0000 0x0000000
529	6d10.6d14: *0000000000e90000-0000000000f8afff 0x0000/0x0004 0x0020000
530	6d10.6d14: 0000000000f8b000-0000000000f8dfff 0x0104/0x0004 0x0020000
531	6d10.6d14: 0000000000f8e000-0000000000f8ffff 0x0004/0x0004 0x0020000
532	6d10.6d14: *0000000000f90000-0000000000f93fff 0x0002/0x0002 0x0040000
533	6d10.6d14: 0000000000f94000-0000000000f9ffff 0x0001/0x0000 0x0000000
534	6d10.6d14: *0000000000fa0000-0000000000fa1fff 0x0004/0x0004 0x0020000
535	6d10.6d14: 0000000000fa2000-0000000000ffffff 0x0001/0x0000 0x0000000
536	6d10.6d14: *0000000001000000-0000000001118fff 0x0000/0x0004 0x0020000
537	6d10.6d14: 0000000001119000-000000000111bfff 0x0004/0x0004 0x0020000
538	6d10.6d14: 000000000111c000-00000000011fffff 0x0000/0x0004 0x0020000
539	6d10.6d14: 0000000001200000-000000007ffdffff 0x0001/0x0000 0x0000000
540	6d10.6d14: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
541	6d10.6d14: 000000007ffe1000-000000007ffe5fff 0x0001/0x0000 0x0000000
542	6d10.6d14: *000000007ffe6000-000000007ffe6fff 0x0002/0x0002 0x0020000
543	6d10.6d14: 000000007ffe7000-00007ff54dfaffff 0x0001/0x0000 0x0000000
544	6d10.6d14: *00007ff54dfb0000-00007ff54dfb0fff 0x0002/0x0002 0x0040000
545	6d10.6d14: 00007ff54dfb1000-00007ff54dfbffff 0x0001/0x0000 0x0000000
546	6d10.6d14: *00007ff54dfc0000-00007ff54dfeafff 0x0002/0x0002 0x0040000
547	6d10.6d14: 00007ff54dfeb000-00007ff6c471ffff 0x0001/0x0000 0x0000000
548	6d10.6d14: *00007ff6c4720000-00007ff6c4720fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
549	6d10.6d14: 00007ff6c4721000-00007ff6c4796fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
550	6d10.6d14: 00007ff6c4797000-00007ff6c4797fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
551	6d10.6d14: 00007ff6c4798000-00007ff6c47dffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
552	6d10.6d14: 00007ff6c47e0000-00007ff6c47e0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
553	6d10.6d14: 00007ff6c47e1000-00007ff6c47e1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
554	6d10.6d14: 00007ff6c47e2000-00007ff6c47e6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
555	6d10.6d14: 00007ff6c47e7000-00007ff6c47e7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
556	6d10.6d14: 00007ff6c47e8000-00007ff6c47e8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
557	6d10.6d14: 00007ff6c47e9000-00007ff6c47ecfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
558	6d10.6d14: 00007ff6c47ed000-00007ff6c4835fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
559	6d10.6d14: 00007ff6c4836000-00007fffa859ffff 0x0001/0x0000 0x0000000
560	6d10.6d14: *00007fffa85a0000-00007fffa85a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
561	6d10.6d14: 00007fffa85a1000-00007fffa86b7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
562	6d10.6d14: 00007fffa86b8000-00007fffa86fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
563	6d10.6d14: 00007fffa86ff000-00007fffa870afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
564	6d10.6d14: 00007fffa870b000-00007fffa8719fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
565	6d10.6d14: 00007fffa871a000-00007fffa871afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
566	6d10.6d14: 00007fffa871b000-00007fffa871dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
567	6d10.6d14: 00007fffa871e000-00007fffa878ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
568	6d10.6d14: 00007fffa8790000-00007ffffffeffff 0x0001/0x0000 0x0000000
569	6d10.6d14: VirtualBoxVM.exe: timestamp 0x5e4c1d19 (rc=VINF_SUCCESS)
570	6d10.6d14: '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
571	6d10.6d14: '\Device\HarddiskVolume8\Windows\System32\ntdll.dll' has no imports
572	6d10.6d14: supR3HardNtChildPurify: Done after 552 ms and 0 fixes (loop #0).
573	6d10.6d14: supR3HardenedEarlyCompact: Removed heap 1 (0x00000001410000 LB 0x400000)
574	6d10.6d14: supR3HardNtEnableThreadCreationEx:
575	6d24.6d28: Log file opened: 6.1.4r136177 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047bb00
576	6d24.6d28: supR3HardenedVmProcessInit: uNtDllAddr=00007fffa85a0000 g_uNtVerCombined=0xa047bb00 (stack ~0000000000f8f288)
577	6d24.6d28: ntdll.dll: timestamp 0xb29ecf52 (rc=VINF_SUCCESS)
578	6d24.6d28: New simple heap: #1 0000000001300000 LB 0x400000 (for 2031616 allocation)
579	6d24.6d28: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
580	6d24.6d28: System32: \Device\HarddiskVolume8\Windows\System32
581	6d24.6d28: WinSxS: \Device\HarddiskVolume8\Windows\WinSxS
582	6d24.6d28: KnownDllPath: C:\WINDOWS\System32
583	6d24.6d28: supR3HardenedVmProcessInit: Opening vboxdrv...
584	6d24.6d28: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
585	6d24.6d28: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
586	6d24.6d28: Registered Dll notification callback with NTDLL.
587	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\kernel32.dll)
588	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\kernel32.dll
589	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
590	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa5710000 LB 0x002a4000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
591	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\KernelBase.dll)
592	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
593	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa70c0000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
594	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
595	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa70c0000 'C:\WINDOWS\System32\KERNEL32.DLL'
596	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007ff6c4720000 LB 0x00116000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
597	6d24.6d28: '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
598	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
599	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
600	6d24.6d28: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fffa8611770 pvNtTerminateThread=00007fffa863cac0
601	6d10.6d14: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 86 ms.
602	6d24.6d28: \SystemRoot\System32\ntdll.dll:
603	6d24.6d28: CreationTime: 2020-05-03T03:29:33.075535900Z
604	6d24.6d28: LastWriteTime: 2020-05-03T03:29:33.128546900Z
605	6d24.6d28: ChangeTime: 2020-05-04T03:07:36.221273200Z
606	6d24.6d28: FileAttributes: 0x20
607	6d24.6d28: Size: 0x1e8460
608	6d24.6d28: NT Headers: 0xd8
609	6d24.6d28: Timestamp: 0xb29ecf52
610	6d24.6d28: Machine: 0x8664 - amd64
611	6d24.6d28: Timestamp: 0xb29ecf52
612	6d24.6d28: Image Version: 10.0
613	6d24.6d28: SizeOfImage: 0x1f0000 (2031616)
614	6d24.6d28: Resource Dir: 0x17f000 LB 0x6f310
615	6d24.6d28: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
616	6d24.6d28: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
617	6d24.6d28: ProductName: Microsoft® Windows® Operating System
618	6d24.6d28: ProductVersion: 10.0.18362.815
619	6d24.6d28: FileVersion: 10.0.18362.815 (WinBuild.160101.0800)
620	6d24.6d28: FileDescription: NT Layer DLL
621	6d24.6d28: \SystemRoot\System32\kernel32.dll:
622	6d24.6d28: CreationTime: 2020-04-15T16:13:02.961257500Z
623	6d24.6d28: LastWriteTime: 2020-04-15T16:13:02.986662000Z
624	6d24.6d28: ChangeTime: 2020-05-03T03:30:23.798603800Z
625	6d24.6d28: FileAttributes: 0x20
626	6d24.6d28: Size: 0xb0498
627	6d24.6d28: NT Headers: 0xe8
628	6d24.6d28: Timestamp: 0x21b07e83
629	6d24.6d28: Machine: 0x8664 - amd64
630	6d24.6d28: Timestamp: 0x21b07e83
631	6d24.6d28: Image Version: 10.0
632	6d24.6d28: SizeOfImage: 0xb2000 (729088)
633	6d24.6d28: Resource Dir: 0xb0000 LB 0x520
634	6d24.6d28: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
635	6d24.6d28: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
636	6d24.6d28: ProductName: Microsoft® Windows® Operating System
637	6d24.6d28: ProductVersion: 10.0.18362.778
638	6d24.6d28: FileVersion: 10.0.18362.778 (WinBuild.160101.0800)
639	6d24.6d28: FileDescription: Windows NT BASE API Client DLL
640	6d24.6d28: \SystemRoot\System32\KernelBase.dll:
641	6d24.6d28: CreationTime: 2020-05-03T03:29:33.628657500Z
642	6d24.6d28: LastWriteTime: 2020-05-03T03:29:33.729681700Z
643	6d24.6d28: ChangeTime: 2020-05-04T03:07:35.945225300Z
644	6d24.6d28: FileAttributes: 0x20
645	6d24.6d28: Size: 0x2a4068
646	6d24.6d28: NT Headers: 0xf8
647	6d24.6d28: Timestamp: 0xb89efff3
648	6d24.6d28: Machine: 0x8664 - amd64
649	6d24.6d28: Timestamp: 0xb89efff3
650	6d24.6d28: Image Version: 10.0
651	6d24.6d28: SizeOfImage: 0x2a4000 (2768896)
652	6d24.6d28: Resource Dir: 0x27e000 LB 0x548
653	6d24.6d28: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
654	6d24.6d28: [Raw version resource data: 0x27e0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
655	6d24.6d28: ProductName: Microsoft® Windows® Operating System
656	6d24.6d28: ProductVersion: 10.0.18362.815
657	6d24.6d28: FileVersion: 10.0.18362.815 (WinBuild.160101.0800)
658	6d24.6d28: FileDescription: Windows NT BASE API Client DLL
659	6d24.6d28: \SystemRoot\System32\apisetschema.dll:
660	6d24.6d28: CreationTime: 2019-03-19T04:43:54.837151500Z
661	6d24.6d28: LastWriteTime: 2019-03-19T04:43:54.837151500Z
662	6d24.6d28: ChangeTime: 2020-05-03T03:30:23.758596400Z
663	6d24.6d28: FileAttributes: 0x20
664	6d24.6d28: Size: 0x1d028
665	6d24.6d28: NT Headers: 0xc8
666	6d24.6d28: Timestamp: 0xd6ced080
667	6d24.6d28: Machine: 0x8664 - amd64
668	6d24.6d28: Timestamp: 0xd6ced080
669	6d24.6d28: Image Version: 10.0
670	6d24.6d28: SizeOfImage: 0x1e000 (122880)
671	6d24.6d28: Resource Dir: 0x1d000 LB 0x408
672	6d24.6d28: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
673	6d24.6d28: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
674	6d24.6d28: ProductName: Microsoft® Windows® Operating System
675	6d24.6d28: ProductVersion: 10.0.18362.1
676	6d24.6d28: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
677	6d24.6d28: FileDescription: ApiSet Schema DLL
678	6d24.6d28: Found driver SymNetS (0x2)
679	6d24.6d28: Found driver SRTSPX (0x2)
680	6d24.6d28: Found driver SymEvent (0x2)
681	6d24.6d28: Found driver SymIRON (0x2)
682	6d24.6d28: supR3HardenedWinFindAdversaries: 0x2
683	6d24.6d28: \SystemRoot\System32\drivers\symevent64x86.sys:
684	6d24.6d28: CreationTime: 2018-05-07T20:10:45.241730500Z
685	6d24.6d28: LastWriteTime: 2019-03-21T09:37:41.102289300Z
686	6d24.6d28: ChangeTime: 2019-10-07T03:10:05.970074600Z
687	6d24.6d28: FileAttributes: 0x20
688	6d24.6d28: Size: 0x186e0
689	6d24.6d28: NT Headers: 0xf0
690	6d24.6d28: Timestamp: 0x5bbbe164
691	6d24.6d28: Machine: 0x8664 - amd64
692	6d24.6d28: Timestamp: 0x5bbbe164
693	6d24.6d28: Image Version: 6.3
694	6d24.6d28: SizeOfImage: 0x21000 (135168)
695	6d24.6d28: Resource Dir: 0x1f000 LB 0x3c8
696	6d24.6d28: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
697	6d24.6d28: [Raw version resource data: 0x1f0b8 LB 0x310, codepage 0x4e4 (reserved 0x0)]
698	6d24.6d28: ProductName: SYMEVENT
699	6d24.6d28: ProductVersion: 14.0.7.71
700	6d24.6d28: FileVersion: 14.0.7.71
701	6d24.6d28: FileDescription: Symantec Event Library
702	6d24.6d28: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
703	6d24.6d28: Calling main()
704	6d24.6d28: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
705	6d24.6d28: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
706	6d24.6d28: '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
707	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
708	6d24.6d28: SUPR3HardenedMain: Final process, opening VBoxDrv...
709	6d24.6d28: supR3HardenedEarlyCompact: Removed heap 1 (0x00000001300000 LB 0x400000)
710	6d24.6d28: supR3HardNtEnableThreadCreationEx:
711	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
712	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
713	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
714	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
715	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff9d750000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
716	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
717	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
718	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
719	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9d750000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
720	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
721	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
722	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9d750000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
723	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9d750000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
724	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
725	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
726	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
727	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
728	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\wintrust.dll)
729	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\wintrust.dll
730	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
731	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
732	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll)
733	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
734	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
735	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume8\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
736	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msasn1.dll'.
737	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\crypt32.dll)
738	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\crypt32.dll
739	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
740	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume8\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
741	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\msasn1.dll)
742	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\msasn1.dll
743	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
744	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
745	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\msvcrt.dll)
746	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
747	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
748	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume8\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
749	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
750	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
751	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa68a0000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
752	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
753	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa5510000 LB 0x00012000 C:\WINDOWS\System32\MSASN1.dll [fFlags=0x0]
754	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
755	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa61c0000 LB 0x000fa000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
756	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ucrtbase.dll)
757	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ucrtbase.dll
758	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa6500000 LB 0x00149000 C:\WINDOWS\System32\CRYPT32.dll [fFlags=0x0]
759	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
760	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa81b0000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
761	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
762	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa5600000 LB 0x0005c000 C:\WINDOWS\System32\Wintrust.dll [fFlags=0x0]
763	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
764	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
765	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
766	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-synch-l1-2-0'
767	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
768	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
769	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-fibers-l1-1-1'
770	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
771	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
772	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-fibers-l1-1-1'
773	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
774	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
775	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-synch-l1-2-0'
776	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
777	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
778	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-localization-l1-2-1'
779	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5600000 'C:\WINDOWS\system32\Wintrust.dll'
780	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\bcrypt.dll)
781	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\bcrypt.dll
782	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
783	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa6310000 LB 0x00026000 C:\WINDOWS\System32\bcrypt.dll [fFlags=0x0]
784	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
785	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6310000 'C:\WINDOWS\system32\bcrypt.dll'
786	6d24.6d28: bcrypt.dll loaded at 00007fffa6310000, BCryptOpenAlgorithmProvider at 00007fffa6314c70, preloading providers:
787	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll)
788	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll
789	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
790	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa6140000 LB 0x00080000 C:\WINDOWS\System32\bcryptprimitives.dll [fFlags=0x0]
791	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
792	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6140000 'C:\WINDOWS\system32\bcryptprimitives.dll'
793	6d24.6d28: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000180a9b0)
794	6d24.6d28: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=000000000180fd50)
795	6d24.6d28: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000001810050)
796	6d24.6d28: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000001810350)
797	6d24.6d28: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000001810650)
798	6d24.6d28: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000001810950)
799	6d24.6d28: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000001810c50)
800	6d24.6d28: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000001810f50)
801	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa6340000 LB 0x00017000 C:\WINDOWS\System32\CRYPTSP.dll [fFlags=0x0]
802	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\cryptsp.dll)
803	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\cryptsp.dll
804	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
805	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\rsaenh.dll)
806	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\rsaenh.dll
807	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
808	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume8\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
809	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
810	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
811	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
812	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa4840000 LB 0x00033000 C:\WINDOWS\system32\rsaenh.dll [fFlags=0x0]
813	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
814	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
815	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
816	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\cryptbase.dll)
817	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\cryptbase.dll
818	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa4ea0000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
819	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
820	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
821	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
822	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
823	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
824	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
825	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa70c0000 'C:\WINDOWS\System32\kernel32.dll'
826	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
827	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
828	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5600000 'C:\WINDOWS\System32\WINTRUST.DLL'
829	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
830	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
831	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\CRYPT32.dll'
832	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa6950000 LB 0x0001d000 C:\WINDOWS\System32\imagehlp.dll [fFlags=0x0]
833	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'.
834	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\imagehlp.dll)
835	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\imagehlp.dll
836	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
837	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
838	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
839	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
840	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
841	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
842	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa6650000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
843	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
844	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\sechost.dll)
845	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\sechost.dll
846	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
847	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
848	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\gpapi.dll)
849	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\gpapi.dll
850	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa3ea0000 LB 0x00022000 C:\WINDOWS\SYSTEM32\gpapi.dll [fFlags=0x0]
851	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
852	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa54e0000 LB 0x00023000 C:\WINDOWS\System32\profapi.dll [fFlags=0x0]
853	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\profapi.dll)
854	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\profapi.dll
855	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
856	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
857	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume8\Windows\System32\cryptnet.dll)
858	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\cryptnet.dll
859	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
860	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume8\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
861	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
862	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
863	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
864	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
865	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
866	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
867	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
868	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
869	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
870	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
871	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
872	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
873	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
874	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
875	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
876	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff9f4c0000 LB 0x0002f000 C:\WINDOWS\System32\cryptnet.dll [fFlags=0x0]
877	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
878	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
879	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
880	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\WINDOWS\System32\cryptnet.dll'
881	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
882	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
883	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\WINDOWS\System32\cryptnet.dll'
884	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
885	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
886	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\WINDOWS\System32\cryptnet.dll'
887	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
888	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
889	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\WINDOWS\System32\cryptnet.dll'
890	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
891	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
892	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\WINDOWS\System32\cryptnet.dll'
893	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
894	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
895	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\WINDOWS\System32\cryptnet.dll'
896	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
897	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\WINDOWS\System32\cryptnet.dll'
898	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
899	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\WINDOWS\System32\cryptnet.dll'
900	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
901	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\WINDOWS\System32\cryptnet.dll'
902	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
903	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\WINDOWS\System32\cryptnet.dll'
904	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
905	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\WINDOWS\System32\cryptnet.dll'
906	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\WINDOWS\System32\cryptnet.dll'
907	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
908	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\Windows\System32\cryptnet.dll'
909	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa82d0000 LB 0x000a3000 C:\WINDOWS\System32\advapi32.dll [fFlags=0x0]
910	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
911	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
912	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
913	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\advapi32.dll)
914	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\advapi32.dll
915	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
916	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
917	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
918	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
919	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
920	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume8\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
921	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\sechost.dll [lacks WinVerifyTrust]
922	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
923	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
924	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
925	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
926	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
927	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
928	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
929	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
930	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
931	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000187dd30
932	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
933	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2F110B40CF67FEF4EFA84C23431B3B42233E381F
934	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
935	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
936	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa81b0000 'C:\WINDOWS\System32\rpcrt4.dll'
937	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
938	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
939	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
940	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
941	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
942	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
943	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.815.cat'; file='\SystemRoot\System32\ntdll.dll'
944	6d24.6d28: g_pfnWinVerifyTrust=00007fffa56061f0
945	6d24.6d28: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
946	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
947	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
948	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
949	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
950	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
951	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
952	6d24.6d28: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\crypt32.dll'
953	6d24.6d28: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
954	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
955	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
956	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
957	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll
958	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
959	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
960	6d24.6d28: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\wintrust.dll'
961	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
962	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
963	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
964	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
965	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\advapi32.dll'
966	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000388 pwszName=\Device\HarddiskVolume8\Windows\System32\cryptnet.dll
967	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
968	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
969	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=09032EBC3D9D9BDDC0EE4A6463C043296B79FF20
970	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
971	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
972	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
973	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.815.cat'; file='\Device\HarddiskVolume8\Windows\System32\cryptnet.dll'
974	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
975	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\cryptnet.dll'
976	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
977	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
978	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
979	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\profapi.dll'
980	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
981	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
982	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
983	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\gpapi.dll'
984	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
985	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
986	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
987	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\sechost.dll'
988	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
989	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
990	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
991	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\imagehlp.dll'
992	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
993	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
994	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
995	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\cryptbase.dll'
996	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
997	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
998	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll
999	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1000	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1001	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\rsaenh.dll'
1002	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll
1003	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1004	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1005	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1006	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\cryptsp.dll'
1007	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1008	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1009	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll'
1010	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1011	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1012	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\bcrypt.dll'
1013	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1014	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1015	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\ucrtbase.dll'
1016	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1017	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1018	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll'
1019	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1020	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1021	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\msasn1.dll'
1022	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1023	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1024	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll'
1025	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1026	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
1027	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1028	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe'
1029	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1030	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1031	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\KernelBase.dll'
1032	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1033	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1034	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\kernel32.dll'
1035	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\system32\crypt32.dll'
1036	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1037	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1038	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xcb6ade9265bfb800 O=AO Kaspersky Lab, CN=Kaspersky Anti-Virus Personal Root Certificate
1039	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1040	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
1041	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1042	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1043	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xec15846517d9ac00 C=CA, ST=Ontario, L=Toronto, O=SurfEasy, CN=SurfEasy CA, Email=ops@surfeasy.com
1044	6d24.6d28: supR3HardenedWinIsDesiredRootCA: skipping - not-self-signed: C=BZ, ST=Belize, L=Belize City, O=DT Soft Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, CN=DT Soft Ltd
1045	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1046	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
1047	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1048	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1049	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
1050	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
1051	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xa12b07674f1bf600 C=US, O=AffirmTrust, CN=AffirmTrust Commercial
1052	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
1053	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xd66525adaaa600 C=JP, O=Japanese Government, OU=GPKI, CN=ApplicationCA2 Root
1054	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x91e3728b8b40d000 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Certification Authority
1055	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1056	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
1057	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
1058	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
1059	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
1060	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
1061	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1062	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1063	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
1064	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
1065	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
1066	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1067	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
1068	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
1069	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1070	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1071	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1072	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1073	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
1074	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
1075	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
1076	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x5534b165029017e7 C=US, O=Equifax Secure Inc., CN=Equifax Secure Global eBusiness CA-1
1077	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xbebef0d2217f0bfb C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3
1078	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
1079	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1080	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
1081	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
1082	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1083	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xb352b1523915d000 C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2
1084	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
1085	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xef477acf4ab2d300 C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 2009
1086	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
1087	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
1088	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1089	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1090	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
1091	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x30669a4e82fa800 C=US, O=America Online Inc., CN=America Online Root Certification Authority 1
1092	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
1093	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
1094	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
1095	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1096	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
1097	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xe66b56ffc86e50a4 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA, Email=server-certs@thawte.com
1098	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
1099	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
1100	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
1101	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1102	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xa8b43f38c3f7b100 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
1103	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
1104	6d24.6d28: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1105	6d24.6d28: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=68
1106	6d24.6d28: SUPR3HardenedMain: Load Runtime...
1107	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1108	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1109	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1110	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1111	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1112	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
1113	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1114	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1115	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1116	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1117	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1118	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
1119	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ws2_32.dll) WinVerifyTrust
1120	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
1121	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1122	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1123	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
1124	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1125	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1126	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1127	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1128	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
1129	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1130	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1131	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
1132	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1133	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1134	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1135	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1136	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1137	6d24.6d28: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1138	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll)
1139	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
1140	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1141	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
1142	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1143	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1144	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1145	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1146	6d24.6d28: supR3HardenedDllNotificationCallback: load 0000000073420000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
1147	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1148	6d24.6d28: supR3HardenedDllNotificationCallback: load 0000000072e10000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
1149	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1150	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa6fe0000 LB 0x0006f000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
1151	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
1152	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff3a190000 LB 0x005ed000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1153	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1154	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1155	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1156	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1157	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1158	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1159	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1160	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1161	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1162	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1163	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1164	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1165	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1166	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1167	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1168	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1169	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1170	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1171	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1172	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1173	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1174	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1175	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1176	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1177	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1178	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1179	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1180	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1181	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1182	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1183	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1184	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1185	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1186	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1187	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1188	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1189	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1190	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1191	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1192	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1193	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1194	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1195	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1196	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1197	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1198	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1199	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1200	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1201	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1202	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1203	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1204	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1205	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1206	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1207	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1208	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1209	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1210	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1211	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1212	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1213	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1214	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1215	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1216	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1217	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1218	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1219	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1220	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1221	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1222	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1223	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1224	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1225	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1226	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1227	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1228	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1229	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1230	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1231	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1232	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1233	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1234	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1235	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1236	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1237	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1238	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1239	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1240	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1241	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1242	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1243	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1244	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1245	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1246	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1247	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1248	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1249	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1250	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1251	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1252	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1253	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1254	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1255	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1256	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1257	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1258	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1259	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1260	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1261	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1262	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1263	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1264	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1265	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1266	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1267	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1268	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1269	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1270	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1271	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1272	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1273	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1274	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1275	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1276	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1277	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1278	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1279	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1280	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1281	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1282	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1283	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1284	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1285	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1286	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1287	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1288	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1289	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1290	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1291	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1292	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1293	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1294	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1295	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1296	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1297	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1298	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1299	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1300	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1301	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1302	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1303	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1304	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1305	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1306	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1307	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1308	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1309	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1310	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1311	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1312	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1313	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1314	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1315	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1316	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1317	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1318	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1319	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1320	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1321	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1322	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1323	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1324	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1325	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1326	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1327	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1328	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1329	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1330	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3a190000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1331	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1332	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'
1333	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll
1334	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1335	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5600000 'C:\WINDOWS\system32\Wintrust.dll'
1336	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll
1337	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1338	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1339	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1340	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1341	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1342	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\system32\crypt32.dll'
1343	6d24.6d28: SUPR3HardenedMain: Load TrustedMain...
1344	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1345	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1346	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
1347	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
1348	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
1349	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
1350	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
1351	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
1352	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
1353	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
1354	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
1355	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
1356	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
1357	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
1358	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
1359	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1360	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1361	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume8\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1362	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1363	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1364	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
1365	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
1366	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\winmm.dll) WinVerifyTrust
1367	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\winmm.dll
1368	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1369	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1370	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1371	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1372	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
1373	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
1374	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
1375	6d24.6d28: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'.
1376	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1377	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\winmmbase.dll)
1378	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\winmmbase.dll
1379	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1380	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1381	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
1382	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1383	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll
1384	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1385	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1386	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1387	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
1388	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
1389	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\oleaut32.dll) WinVerifyTrust
1390	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
1391	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1392	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1393	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1394	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1395	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1396	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1397	6d24.6d28: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
1398	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1399	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'bcryptprimitives.dll'.
1400	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\combase.dll)
1401	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\combase.dll
1402	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1403	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1404	6d24.6d28: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
1405	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll)
1406	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll
1407	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
1408	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
1409	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll
1410	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1411	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1412	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1413	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1414	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
1415	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'gdi32.dll'.
1416	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'user32.dll'.
1417	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'.
1418	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ole32.dll) WinVerifyTrust
1419	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ole32.dll
1420	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1421	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1422	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1423	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1424	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll [lacks WinVerifyTrust]
1425	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1426	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1427	6d24.6d28: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
1428	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1429	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
1430	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\user32.dll)
1431	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\user32.dll
1432	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1433	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1434	6d24.6d28: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
1435	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'win32u.dll'.
1436	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\gdi32.dll)
1437	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\gdi32.dll
1438	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1439	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1440	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1441	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1442	6d24.6d28: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
1443	6d24.6d28: '\Device\HarddiskVolume8\Windows\System32\win32u.dll' has no imports
1444	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\win32u.dll)
1445	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\win32u.dll
1446	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1447	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1448	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1449	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1450	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1451	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1452	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1453	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1454	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1455	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
1456	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\user32.dll) WinVerifyTrust
1457	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
1458	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
1459	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1460	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1461	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1462	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1463	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1464	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1465	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1466	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
1467	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
1468	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1469	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1470	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
1471	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1472	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1473	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1474	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1475	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1476	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
1477	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1478	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1479	6d24.6d28: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.
1480	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1481	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
1482	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
1483	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
1484	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1485	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
1486	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
1487	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
1488	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
1489	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1490	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1491	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1492	6d24.6d28: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.
1493	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1494	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1495	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1496	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1497	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1498	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1499	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1500	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
1501	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1502	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1503	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1504	6d24.6d28: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1505	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1506	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1507	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1508	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1509	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1510	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1511	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1512	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
1513	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1514	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1515	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1516	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
1517	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1518	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1519	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1520	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1521	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1522	6d24.6d28: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
1523	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #77 'user32.dll'.
1524	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #79 'gdi32.dll'.
1525	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\shell32.dll)
1526	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\shell32.dll
1527	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1528	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1529	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1530	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1531	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1532	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1533	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1534	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1535	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1536	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1537	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1538	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1539	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1540	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1541	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
1542	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1543	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1544	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1545	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1546	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1547	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1548	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1549	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1550	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1551	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1552	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1553	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1554	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1555	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume8\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1556	6d24.6d28: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\opengl32.dll'.
1557	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1558	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
1559	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1560	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1561	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'.
1562	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume8\Windows\System32\opengl32.dll)
1563	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\opengl32.dll
1564	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1565	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1566	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
1567	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1568	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1569	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
1570	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1571	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1572	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1573	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
1574	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
1575	6d24.6d28: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
1576	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\mpr.dll)
1577	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\mpr.dll
1578	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1579	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1580	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
1581	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1582	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1583	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
1584	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1585	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1586	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
1587	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1588	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1589	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1590	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1591	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1592	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1593	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1594	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1595	6d24.6d28: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
1596	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1597	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1598	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
1599	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume8\Windows\System32\glu32.dll)
1600	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\glu32.dll
1601	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1602	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1603	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1604	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1605	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1606	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1607	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1608	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1609	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
1610	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1611	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1612	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
1613	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1614	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1615	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1616	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1617	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1618	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1619	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1620	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume8\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1621	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
1622	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1623	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1624	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1625	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1626	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1627	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
1628	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1629	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1630	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1631	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1632	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1633	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1634	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1635	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1636	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
1637	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1638	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1639	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
1640	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1641	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1642	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
1643	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1644	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1645	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1646	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1647	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1648	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1649	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1650	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1651	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1652	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1653	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1654	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1655	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1656	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1657	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1658	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1659	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1660	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1661	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1662	6d24.6d28: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'
1663	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1664	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1665	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
1666	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1667	6d24.6d28: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'
1668	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1669	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1670	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
1671	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1672	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1673	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1674	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1675	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1676	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
1677	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
1678	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1679	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
1680	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
1681	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1682	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
1683	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
1684	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1685	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
1686	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
1687	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1688	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
1689	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
1690	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\UICommon.dll
1691	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1692	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume8\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1693	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
1694	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000470 pwszName=\Device\HarddiskVolume8\Windows\System32\opengl32.dll
1695	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
1696	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
1697	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0837440FAE05EB650168FFA2D15E73182F6A3A26
1698	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1699	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1700	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1701	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1702	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
1703	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1704	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1705	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
1706	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1707	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1708	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
1709	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1710	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1711	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1712	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1713	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1714	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
1715	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1716	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1717	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1718	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1719	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1720	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1721	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1722	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1723	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1724	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1725	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
1726	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
1727	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.18362.752.cat'; file='\Device\HarddiskVolume8\Windows\System32\opengl32.dll'
1728	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1729	6d24.6d28: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\opengl32.dll'
1730	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1731	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1732	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\opengl32.dll
1733	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\UICommon.dll
1734	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1735	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1736	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
1737	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1738	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
1739	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
1740	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
1741	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
1742	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1743	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'win32u.dll'.
1744	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\DXCore.dll)
1745	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\DXCore.dll
1746	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa55d0000 LB 0x00021000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0]
1747	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
1748	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa5530000 LB 0x0009e000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0]
1749	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust]
1750	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa6360000 LB 0x00194000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0]
1751	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1752	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
1753	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'.
1754	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'.
1755	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\gdi32full.dll)
1756	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\gdi32full.dll
1757	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa6d90000 LB 0x00026000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0]
1758	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
1759	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa69f0000 LB 0x00194000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0]
1760	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [avoiding WinVerifyTrust]
1761	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa7780000 LB 0x00336000 C:\WINDOWS\System32\combase.dll [fFlags=0x0]
1762	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll [avoiding WinVerifyTrust]
1763	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa62c0000 LB 0x0004a000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0]
1764	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll)
1765	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll
1766	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa40b0000 LB 0x00020000 C:\WINDOWS\SYSTEM32\dxcore.dll [fFlags=0x0]
1767	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\DXCore.dll [avoiding WinVerifyTrust]
1768	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff910a0000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0]
1769	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
1770	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff3a030000 LB 0x00156000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0]
1771	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\opengl32.dll
1772	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa7180000 LB 0x000a9000 C:\WINDOWS\System32\shcore.dll [fFlags=0x0]
1773	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1774	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'rpcrt4.dll'.
1775	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'combase.dll'.
1776	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\SHCore.dll)
1777	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\SHCore.dll
1778	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa5460000 LB 0x00010000 C:\WINDOWS\System32\UMPDC.dll [fFlags=0x0]
1779	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\umpdc.dll)
1780	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\umpdc.dll
1781	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa5490000 LB 0x0004a000 C:\WINDOWS\System32\powrprof.dll [fFlags=0x0]
1782	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
1783	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'umpdc.dll'.
1784	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\powrprof.dll)
1785	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\powrprof.dll
1786	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa6d30000 LB 0x00052000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0]
1787	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1788	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'gdi32.dll'.
1789	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'user32.dll'.
1790	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\shlwapi.dll)
1791	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\shlwapi.dll
1792	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa5470000 LB 0x00011000 C:\WINDOWS\System32\kernel.appcore.dll [fFlags=0x0]
1793	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
1794	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
1795	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll)
1796	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll
1797	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa59c0000 LB 0x0077d000 C:\WINDOWS\System32\windows.storage.dll [fFlags=0x0]
1798	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'.
1799	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'.
1800	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'rpcrt4.dll'.
1801	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'profapi.dll'.
1802	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\windows.storage.dll)
1803	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\windows.storage.dll
1804	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa7ac0000 LB 0x006e4000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0]
1805	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
1806	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa6e70000 LB 0x00157000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0]
1807	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
1808	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff8a210000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0]
1809	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
1810	6d24.6d28: supR3HardenedDllNotificationCallback: load 0000000072eb0000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
1811	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1812	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff37130000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
1813	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1814	6d24.6d28: supR3HardenedDllNotificationCallback: load 00000000728a0000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
1815	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
1816	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa8490000 LB 0x000c4000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0]
1817	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
1818	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff37730000 LB 0x02614000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
1819	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\UICommon.dll
1820	6d24.6d28: supR3HardenedDllNotificationCallback: load 0000000072840000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
1821	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1822	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa31d0000 LB 0x0002d000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
1823	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
1824	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa3330000 LB 0x00024000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
1825	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
1826	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff369b0000 LB 0x001c8000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
1827	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1828	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll'.
1829	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll' [rescheduled]
1830	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll'.
1831	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll' [rescheduled]
1832	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll'.
1833	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rescheduled]
1834	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\powrprof.dll'.
1835	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\powrprof.dll' [rescheduled]
1836	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\umpdc.dll'.
1837	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\umpdc.dll' [rescheduled]
1838	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\SHCore.dll'.
1839	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\SHCore.dll' [rescheduled]
1840	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'.
1841	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rescheduled]
1842	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
1843	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
1844	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\DXCore.dll'.
1845	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\DXCore.dll' [rescheduled]
1846	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
1847	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
1848	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
1849	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
1850	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
1851	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
1852	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1853	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1854	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
1855	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
1856	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
1857	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
1858	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
1859	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
1860	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
1861	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
1862	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
1863	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
1864	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'.
1865	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rescheduled]
1866	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll
1867	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
1868	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
1869	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\profapi.dll
1870	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1871	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1872	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1873	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1874	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
1875	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
1876	6d24.6d28: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll
1877	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1878	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1879	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll [redoing WinVerifyTrust]
1880	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
1881	6d24.6d28: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\combase.dll
1882	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1883	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1884	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1885	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1886	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1887	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1888	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [redoing WinVerifyTrust]
1889	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
1890	6d24.6d28: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\user32.dll
1891	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1892	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1893	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
1894	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
1895	6d24.6d28: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\gdi32.dll
1896	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1897	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1898	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'umpdc.dll'...
1899	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'umpdc.dll' -> '\Device\HarddiskVolume8\Windows\System32\umpdc.dll' [rcNtRedir=0xc0150008]
1900	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\umpdc.dll [redoing WinVerifyTrust]
1901	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\umpdc.dll'.
1902	6d24.6d28: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\umpdc.dll
1903	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1904	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1905	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1906	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1907	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll [redoing WinVerifyTrust]
1908	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
1909	6d24.6d28: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\combase.dll
1910	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1911	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1912	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
1913	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1914	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1915	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1916	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1917	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll [redoing WinVerifyTrust]
1918	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
1919	6d24.6d28: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\win32u.dll
1920	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1921	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1922	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [redoing WinVerifyTrust]
1923	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
1924	6d24.6d28: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\user32.dll
1925	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1926	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1927	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
1928	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
1929	6d24.6d28: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\gdi32.dll
1930	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1931	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1932	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
1933	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
1934	6d24.6d28: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll
1935	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1936	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1937	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll [redoing WinVerifyTrust]
1938	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
1939	6d24.6d28: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\win32u.dll
1940	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1941	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1942	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
1943	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
1944	6d24.6d28: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll
1945	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1946	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa70c0000 'C:\WINDOWS\System32\kernel32.dll'
1947	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll'.
1948	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll' [rescheduled]
1949	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll'.
1950	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll' [rescheduled]
1951	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll'.
1952	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rescheduled]
1953	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\powrprof.dll'.
1954	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\powrprof.dll' [rescheduled]
1955	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\umpdc.dll'.
1956	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\umpdc.dll' [rescheduled]
1957	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\SHCore.dll'.
1958	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\SHCore.dll' [rescheduled]
1959	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'.
1960	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rescheduled]
1961	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
1962	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
1963	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\DXCore.dll'.
1964	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\DXCore.dll' [rescheduled]
1965	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
1966	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
1967	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
1968	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
1969	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
1970	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
1971	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1972	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1973	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
1974	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
1975	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
1976	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
1977	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
1978	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
1979	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
1980	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
1981	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
1982	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
1983	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'.
1984	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rescheduled]
1985	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll'.
1986	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll' [rescheduled]
1987	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll'.
1988	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll' [rescheduled]
1989	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll'.
1990	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rescheduled]
1991	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\powrprof.dll'.
1992	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\powrprof.dll' [rescheduled]
1993	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\umpdc.dll'.
1994	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\umpdc.dll' [rescheduled]
1995	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\SHCore.dll'.
1996	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\SHCore.dll' [rescheduled]
1997	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'.
1998	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rescheduled]
1999	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
2000	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
2001	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\DXCore.dll'.
2002	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\DXCore.dll' [rescheduled]
2003	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
2004	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
2005	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
2006	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
2007	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
2008	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
2009	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2010	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2011	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
2012	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
2013	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
2014	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
2015	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
2016	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
2017	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
2018	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
2019	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
2020	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
2021	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'.
2022	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rescheduled]
2023	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
2024	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2025	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-string-l1-1-0'
2026	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll'.
2027	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll' [rescheduled]
2028	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll'.
2029	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll' [rescheduled]
2030	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll'.
2031	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rescheduled]
2032	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\powrprof.dll'.
2033	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\powrprof.dll' [rescheduled]
2034	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\umpdc.dll'.
2035	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\umpdc.dll' [rescheduled]
2036	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\SHCore.dll'.
2037	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\SHCore.dll' [rescheduled]
2038	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'.
2039	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rescheduled]
2040	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
2041	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
2042	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\DXCore.dll'.
2043	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\DXCore.dll' [rescheduled]
2044	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
2045	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
2046	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
2047	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
2048	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
2049	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
2050	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2051	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2052	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
2053	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
2054	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
2055	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
2056	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
2057	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
2058	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
2059	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
2060	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
2061	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
2062	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'.
2063	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rescheduled]
2064	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll'.
2065	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll' [rescheduled]
2066	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll'.
2067	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll' [rescheduled]
2068	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll'.
2069	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rescheduled]
2070	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\powrprof.dll'.
2071	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\powrprof.dll' [rescheduled]
2072	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\umpdc.dll'.
2073	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\umpdc.dll' [rescheduled]
2074	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\SHCore.dll'.
2075	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\SHCore.dll' [rescheduled]
2076	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'.
2077	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rescheduled]
2078	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
2079	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
2080	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\DXCore.dll'.
2081	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\DXCore.dll' [rescheduled]
2082	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
2083	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
2084	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
2085	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
2086	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
2087	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
2088	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2089	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2090	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
2091	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
2092	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
2093	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
2094	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
2095	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
2096	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
2097	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
2098	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
2099	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
2100	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'.
2101	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rescheduled]
2102	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
2103	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2104	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-datetime-l1-1-1'
2105	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll'.
2106	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll' [rescheduled]
2107	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll'.
2108	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll' [rescheduled]
2109	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll'.
2110	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rescheduled]
2111	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\powrprof.dll'.
2112	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\powrprof.dll' [rescheduled]
2113	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\umpdc.dll'.
2114	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\umpdc.dll' [rescheduled]
2115	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\SHCore.dll'.
2116	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\SHCore.dll' [rescheduled]
2117	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'.
2118	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rescheduled]
2119	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
2120	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
2121	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\DXCore.dll'.
2122	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\DXCore.dll' [rescheduled]
2123	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
2124	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
2125	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
2126	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
2127	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
2128	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
2129	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2130	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2131	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
2132	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
2133	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
2134	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
2135	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
2136	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
2137	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
2138	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
2139	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
2140	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
2141	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'.
2142	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rescheduled]
2143	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll'.
2144	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll' [rescheduled]
2145	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll'.
2146	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll' [rescheduled]
2147	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll'.
2148	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rescheduled]
2149	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\powrprof.dll'.
2150	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\powrprof.dll' [rescheduled]
2151	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\umpdc.dll'.
2152	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\umpdc.dll' [rescheduled]
2153	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\SHCore.dll'.
2154	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\SHCore.dll' [rescheduled]
2155	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'.
2156	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rescheduled]
2157	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
2158	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
2159	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\DXCore.dll'.
2160	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\DXCore.dll' [rescheduled]
2161	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
2162	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
2163	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
2164	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
2165	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
2166	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
2167	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2168	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2169	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
2170	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
2171	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
2172	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
2173	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
2174	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
2175	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
2176	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
2177	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
2178	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
2179	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'.
2180	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rescheduled]
2181	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
2182	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2183	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-localization-obsolete-l1-2-0'
2184	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll'.
2185	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll' [rescheduled]
2186	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll'.
2187	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll' [rescheduled]
2188	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll'.
2189	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rescheduled]
2190	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\powrprof.dll'.
2191	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\powrprof.dll' [rescheduled]
2192	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\umpdc.dll'.
2193	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\umpdc.dll' [rescheduled]
2194	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\SHCore.dll'.
2195	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\SHCore.dll' [rescheduled]
2196	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'.
2197	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rescheduled]
2198	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
2199	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
2200	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\DXCore.dll'.
2201	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\DXCore.dll' [rescheduled]
2202	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
2203	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
2204	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
2205	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
2206	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
2207	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
2208	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2209	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2210	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
2211	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
2212	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
2213	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
2214	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
2215	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
2216	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
2217	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
2218	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
2219	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
2220	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'.
2221	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rescheduled]
2222	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll'.
2223	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll' [rescheduled]
2224	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll'.
2225	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll' [rescheduled]
2226	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll'.
2227	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rescheduled]
2228	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\powrprof.dll'.
2229	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\powrprof.dll' [rescheduled]
2230	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\umpdc.dll'.
2231	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\umpdc.dll' [rescheduled]
2232	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\SHCore.dll'.
2233	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\SHCore.dll' [rescheduled]
2234	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'.
2235	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rescheduled]
2236	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
2237	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
2238	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\DXCore.dll'.
2239	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\DXCore.dll' [rescheduled]
2240	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
2241	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
2242	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
2243	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
2244	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
2245	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
2246	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2247	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2248	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
2249	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
2250	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
2251	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
2252	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
2253	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
2254	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
2255	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
2256	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
2257	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
2258	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'.
2259	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rescheduled]
2260	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\imm32.dll'.
2261	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
2262	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'win32u.dll'.
2263	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\imm32.dll)
2264	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\imm32.dll
2265	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2266	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2267	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll [redoing WinVerifyTrust]
2268	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
2269	6d24.6d28: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\win32u.dll
2270	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2271	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2272	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [redoing WinVerifyTrust]
2273	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
2274	6d24.6d28: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\user32.dll
2275	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2276	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa8460000 LB 0x0002e000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0]
2277	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
2278	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa8460000 'C:\WINDOWS\system32\IMM32.DLL'
2279	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\imm32.dll'.
2280	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\imm32.dll' [rescheduled]
2281	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll'.
2282	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll' [rescheduled]
2283	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll'.
2284	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll' [rescheduled]
2285	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll'.
2286	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rescheduled]
2287	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\powrprof.dll'.
2288	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\powrprof.dll' [rescheduled]
2289	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\umpdc.dll'.
2290	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\umpdc.dll' [rescheduled]
2291	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\SHCore.dll'.
2292	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\SHCore.dll' [rescheduled]
2293	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'.
2294	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rescheduled]
2295	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
2296	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
2297	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\DXCore.dll'.
2298	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\DXCore.dll' [rescheduled]
2299	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
2300	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
2301	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
2302	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
2303	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
2304	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
2305	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2306	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2307	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
2308	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
2309	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
2310	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
2311	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
2312	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
2313	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
2314	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
2315	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
2316	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
2317	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'.
2318	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rescheduled]
2319	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\imm32.dll'.
2320	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\imm32.dll' [rescheduled]
2321	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll'.
2322	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll' [rescheduled]
2323	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll'.
2324	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll' [rescheduled]
2325	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll'.
2326	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rescheduled]
2327	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\powrprof.dll'.
2328	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\powrprof.dll' [rescheduled]
2329	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\umpdc.dll'.
2330	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\umpdc.dll' [rescheduled]
2331	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\SHCore.dll'.
2332	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\SHCore.dll' [rescheduled]
2333	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'.
2334	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rescheduled]
2335	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
2336	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
2337	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\DXCore.dll'.
2338	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\DXCore.dll' [rescheduled]
2339	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
2340	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
2341	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
2342	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
2343	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
2344	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
2345	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2346	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2347	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
2348	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
2349	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
2350	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
2351	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
2352	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
2353	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
2354	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
2355	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
2356	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
2357	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'.
2358	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rescheduled]
2359	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
2360	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2361	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa82d0000 'C:\WINDOWS\System32\ADVAPI32.DLL'
2362	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\imm32.dll'.
2363	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\imm32.dll' [rescheduled]
2364	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll'.
2365	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll' [rescheduled]
2366	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll'.
2367	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll' [rescheduled]
2368	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll'.
2369	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rescheduled]
2370	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\powrprof.dll'.
2371	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\powrprof.dll' [rescheduled]
2372	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\umpdc.dll'.
2373	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\umpdc.dll' [rescheduled]
2374	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\SHCore.dll'.
2375	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\SHCore.dll' [rescheduled]
2376	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'.
2377	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rescheduled]
2378	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
2379	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
2380	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\DXCore.dll'.
2381	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\DXCore.dll' [rescheduled]
2382	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
2383	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
2384	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
2385	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
2386	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
2387	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
2388	6d24.6d28: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2389	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2390	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
2391	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
2392	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
2393	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
2394	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
2395	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
2396	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
2397	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
2398	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
2399	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
2400	6d24.6d28: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'.
2401	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rescheduled]
2402	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff369b0000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
2403	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2404	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2405	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\imm32.dll'
2406	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2407	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2408	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll'
2409	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2410	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2411	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll'
2412	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2413	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2414	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll'
2415	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2416	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2417	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\powrprof.dll'
2418	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2419	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2420	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\umpdc.dll'
2421	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2422	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2423	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\SHCore.dll'
2424	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2425	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2426	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'
2427	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2428	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2429	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'
2430	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2431	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2432	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\DXCore.dll'
2433	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000474 pwszName=\Device\HarddiskVolume8\Windows\System32\glu32.dll
2434	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
2435	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
2436	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F356C86D0A2DBA0570D09B39D4AF818DFCB17010
2437	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2438	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2439	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.18362.752.cat'; file='\Device\HarddiskVolume8\Windows\System32\glu32.dll'
2440	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2441	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll'
2442	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2443	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2444	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll'
2445	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2446	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2447	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll'
2448	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2449	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'
2450	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2451	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2452	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll'
2453	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2454	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2455	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'
2456	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2457	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2458	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\user32.dll'
2459	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2460	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2461	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'
2462	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2463	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2464	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\combase.dll'
2465	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll
2466	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2467	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2468	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2469	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'
2470	6d24.6d28: SUPR3HardenedMain: Calling TrustedMain (00007fff369b16c0)...
2471	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2472	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
2473	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
2474	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
2475	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
2476	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
2477	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2478	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
2479	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
2480	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
2481	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
2482	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
2483	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
2484	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2485	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2486	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2487	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
2488	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
2489	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
2490	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
2491	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
2492	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
2493	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2494	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2495	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
2496	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
2497	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
2498	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll
2499	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2500	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2501	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
2502	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
2503	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume8\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
2504	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
2505	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
2506	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume8\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
2507	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\imm32.dll
2508	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2509	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2510	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2511	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2512	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
2513	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2514	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2515	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2516	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2517	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff4fc30000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
2518	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2519	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff4fc30000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
2520	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000664 pwszName=\Device\HarddiskVolume8\Windows\System32\uxtheme.dll
2521	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
2522	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
2523	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=286AD1CEC16EFDCA5718925D19E68A486A5851A0
2524	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2525	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2526	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0415~31bf3856ad364e35~amd64~~10.0.18362.778.cat'; file='\Device\HarddiskVolume8\Windows\System32\uxtheme.dll'
2527	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2528	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2529	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
2530	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
2531	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\uxtheme.dll) WinVerifyTrust
2532	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\uxtheme.dll
2533	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2534	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2535	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2536	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2537	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2538	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2539	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2540	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\uxtheme.dll
2541	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa3600000 LB 0x00099000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
2542	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\uxtheme.dll
2543	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3600000 'C:\WINDOWS\system32\uxtheme.dll'
2544	6d24.6d28: \Device\HarddiskVolume8\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\MsgHook64.dll: Owner is administrators group.
2545	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2546	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'psapi.dll'.
2547	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
2548	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
2549	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2550	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\MsgHook64.dll) WinVerifyTrust
2551	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\MsgHook64.dll
2552	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2553	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2554	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
2555	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2556	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2557	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2558	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2559	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
2560	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\psapi.dll' [rcNtRedir=0xc0150008]
2561	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2562	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2563	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\psapi.dll) WinVerifyTrust
2564	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\psapi.dll
2565	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2566	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\MsgHook64.dll
2567	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa6940000 LB 0x00008000 C:\WINDOWS\System32\PSAPI.DLL [fFlags=0x0]
2568	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\psapi.dll
2569	6d24.6d28: supR3HardenedDllNotificationCallback: load 0000000180000000 LB 0x0001b000 C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll [fFlags=0x0]
2570	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\MsgHook64.dll
2571	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000180000000 'C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll'
2572	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll
2573	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\user32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2574	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa69f0000 'C:\WINDOWS\system32\user32.dll'
2575	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll
2576	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2577	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa7ac0000 'C:\WINDOWS\system32\shell32.dll'
2578	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\SHCore.dll
2579	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2580	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa7180000 'C:\WINDOWS\system32\SHCore.dll'
2581	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
2582	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\wintab32.dll'
2583	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
2584	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2585	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\system32\winmm.dll'
2586	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
2587	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2588	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\system32\winmm.dll'
2589	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll
2590	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2591	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa7ac0000 'C:\WINDOWS\system32\shell32.dll'
2592	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\uxtheme.dll
2593	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2594	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3600000 'C:\WINDOWS\system32\uxtheme.dll'
2595	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
2596	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2597	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa82d0000 'C:\WINDOWS\system32\advapi32.dll'
2598	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2599	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2600	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
2601	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'profapi.dll'.
2602	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\userenv.dll) WinVerifyTrust
2603	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\userenv.dll
2604	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
2605	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
2606	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\profapi.dll
2607	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2608	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2609	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2610	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\userenv.dll
2611	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa5380000 LB 0x00025000 C:\WINDOWS\system32\userenv.dll [fFlags=0x0]
2612	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\userenv.dll
2613	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5380000 'C:\WINDOWS\system32\userenv.dll'
2614	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll
2615	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2616	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa70c0000 'C:\WINDOWS\System32\kernel32.dll'
2617	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa6dc0000 LB 0x000a2000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0]
2618	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2619	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
2620	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\clbcatq.dll)
2621	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\clbcatq.dll
2622	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2623	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2624	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2625	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2626	6d24.6d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2627	6d24.6d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2628	6d24.6d5c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\clbcatq.dll'
2629	6d24.6d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2630	6d24.6d5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2631	6d24.6d5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2632	6d24.6d5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2633	6d24.6d5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2634	6d24.6d5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2635	6d24.6d5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2636	6d24.6d5c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
2637	6d24.6d5c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxC.dll
2638	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2639	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2640	6d24.6d5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
2641	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2642	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2643	6d24.6d5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
2644	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2645	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2646	6d24.6d5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
2647	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2648	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2649	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2650	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2651	6d24.6d5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
2652	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2653	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2654	6d24.6d5c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2655	6d24.6d5c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxC.dll
2656	6d24.6d5c: supR3HardenedDllNotificationCallback: load 00007fff36d80000 LB 0x003b0000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
2657	6d24.6d5c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxC.dll
2658	6d24.6d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff36d80000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
2659	6d24.6d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2660	6d24.6d5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2661	6d24.6d5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2662	6d24.6d5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2663	6d24.6d5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
2664	6d24.6d5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2665	6d24.6d5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2666	6d24.6d5c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
2667	6d24.6d5c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
2668	6d24.6d5c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2669	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2670	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2671	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2672	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2673	6d24.6d5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
2674	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2675	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2676	6d24.6d5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
2677	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2678	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2679	6d24.6d5c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shlwapi.dll
2680	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2681	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2682	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2683	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2684	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2685	6d24.6d5c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2686	6d24.6d5c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2687	6d24.6d5c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2688	6d24.6d5c: supR3HardenedDllNotificationCallback: load 00007fff3b0b0000 LB 0x000ed000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
2689	6d24.6d5c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2690	6d24.6d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff3b0b0000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
2691	6d24.6d5c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
2692	6d24.6d5c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2693	6d24.6d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa8490000 'C:\Windows\System32\oleaut32.dll'
2694	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000007b0 pwszName=\Device\HarddiskVolume8\Windows\System32\DWrite.dll
2695	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
2696	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
2697	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4B120F7CFDE097724D5BD2D636015877A1771CAB
2698	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2699	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2700	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0417~31bf3856ad364e35~amd64~~10.0.18362.753.cat'; file='\Device\HarddiskVolume8\Windows\System32\DWrite.dll'
2701	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2702	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2703	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
2704	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\DWrite.dll) WinVerifyTrust
2705	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\DWrite.dll
2706	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2707	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2708	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2709	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2710	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dwrite.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2711	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\DWrite.dll
2712	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff9ac70000 LB 0x002fe000 C:\WINDOWS\system32\dwrite.dll [fFlags=0x0]
2713	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\DWrite.dll
2714	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9ac70000 'C:\WINDOWS\system32\dwrite.dll'
2715	6d24.6d58: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2716	6d24.6d58: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2717	6d24.6d58: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2718	6d24.6d58: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2719	6d24.6d58: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2720	6d24.6d58: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll) WinVerifyTrust
2721	6d24.6d58: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
2722	6d24.6d58: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2723	6d24.6d58: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2724	6d24.6d58: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2725	6d24.6d58: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2726	6d24.6d58: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2727	6d24.6d58: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
2728	6d24.6d58: supR3HardenedDllNotificationCallback: load 00007fff9d720000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL [fFlags=0x0]
2729	6d24.6d58: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
2730	6d24.6d58: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9d720000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL'
2731	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll
2732	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2733	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa7ac0000 'C:\WINDOWS\system32\shell32.dll'
2734	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa6b90000 LB 0x00136000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0]
2735	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2736	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'oleaut32.dll'.
2737	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'user32.dll'.
2738	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'.
2739	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'imm32.dll'.
2740	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'advapi32.dll'.
2741	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\msctf.dll)
2742	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\msctf.dll
2743	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2744	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2745	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
2746	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume8\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
2747	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\imm32.dll
2748	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2749	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2750	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2751	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2752	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2753	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2754	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
2755	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2756	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2757	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2758	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2759	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\msctf.dll'
2760	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009f4 pwszName=\Device\HarddiskVolume8\Windows\System32\DataExchange.dll
2761	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
2762	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
2763	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3632E0380EF7C400BBC7C4B0B9ED8D9F9860503B
2764	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2765	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2766	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.18362.753.cat'; file='\Device\HarddiskVolume8\Windows\System32\DataExchange.dll'
2767	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2768	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2769	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'.
2770	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'combase.dll'.
2771	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'd3d11.dll'.
2772	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'dcomp.dll'.
2773	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\DataExchange.dll) WinVerifyTrust
2774	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\DataExchange.dll
2775	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
2776	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume8\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
2777	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2778	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2779	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
2780	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp_win.dll'.
2781	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\dcomp.dll) WinVerifyTrust
2782	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\dcomp.dll
2783	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
2784	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume8\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
2785	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2786	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2787	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll
2788	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2789	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2790	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll
2791	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2792	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2793	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2794	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'dxgi.dll'.
2795	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'win32u.dll'.
2796	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\d3d11.dll) WinVerifyTrust
2797	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\d3d11.dll
2798	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2799	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2800	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll
2801	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
2802	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume8\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
2803	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\SHCore.dll
2804	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2805	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2806	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
2807	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2808	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2809	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll
2810	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
2811	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume8\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
2812	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2813	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll
2814	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2815	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2816	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2817	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
2818	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\dxgi.dll) WinVerifyTrust
2819	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\dxgi.dll
2820	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2821	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2822	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2823	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2824	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2825	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2826	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2827	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\DataExchange.dll
2828	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\d3d11.dll
2829	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dcomp.dll
2830	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dxgi.dll
2831	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa4140000 LB 0x000eb000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0]
2832	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dxgi.dll
2833	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa2940000 LB 0x0025b000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0]
2834	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\d3d11.dll
2835	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa2ba0000 LB 0x001dc000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0]
2836	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dcomp.dll
2837	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff737e0000 LB 0x0003a000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0]
2838	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\DataExchange.dll
2839	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6d90000 'C:\WINDOWS\System32\gdi32.dll'
2840	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff737e0000 'C:\WINDOWS\system32\dataexchange.dll'
2841	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rmclient.dll'.
2842	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
2843	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'combase.dll'.
2844	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'msvcp_win.dll'.
2845	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\twinapi.appcore.dll)
2846	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\twinapi.appcore.dll
2847	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2848	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
2849	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\rmclient.dll)
2850	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\rmclient.dll
2851	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa3bf0000 LB 0x00029000 C:\WINDOWS\system32\RMCLIENT.dll [fFlags=0x0]
2852	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rmclient.dll [avoiding WinVerifyTrust]
2853	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa36e0000 LB 0x0025a000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0]
2854	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
2855	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2856	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2857	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2858	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2859	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2860	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2861	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll
2862	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2863	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2864	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll
2865	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2866	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2867	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rmclient.dll'...
2868	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rmclient.dll' -> '\Device\HarddiskVolume8\Windows\System32\rmclient.dll' [rcNtRedir=0xc0150008]
2869	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rmclient.dll [lacks WinVerifyTrust]
2870	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2871	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2872	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\rmclient.dll'
2873	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2874	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2875	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\twinapi.appcore.dll'
2876	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\SHCore.dll
2877	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2878	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa7180000 'C:\WINDOWS\system32\Shcore.dll'
2879	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2880	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2881	6d24.6d28: '\Device\HarddiskVolume8\Windows\System32\ntdll.dll' has no imports
2882	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ntdll.dll) WinVerifyTrust
2883	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ntdll.dll
2884	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2885	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa85a0000 'C:\WINDOWS\System32\ntdll.dll'
2886	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
2887	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
2888	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
2889	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5openglvbox.dll'.
2890	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
2891	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'opengl32.dll'.
2892	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe)
2893	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe
2894	6d24.6d28: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000af0 (hFile=0000000000000ad4) with 0xc0000022 -> STATUS_TRUST_FAILURE
2895	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
2896	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume8\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
2897	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\opengl32.dll
2898	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
2899	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
2900	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
2901	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
2902	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
2903	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
2904	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
2905	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
2906	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2907	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2908	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2909	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2910	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2911	6d24.6d28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe'
2912	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ae8 pwszName=\Device\HarddiskVolume8\Windows\System32\apphelp.dll
2913	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
2914	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
2915	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CAB05C7236BF75A3E9746E25E1039005E1268927
2916	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2917	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2918	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0414~31bf3856ad364e35~amd64~~10.0.18362.752.cat'; file='\Device\HarddiskVolume8\Windows\System32\apphelp.dll'
2919	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2920	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\apphelp.dll) WinVerifyTrust
2921	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\apphelp.dll
2922	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2923	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\apphelp.dll
2924	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa3430000 LB 0x0008f000 C:\WINDOWS\system32\apphelp.dll [fFlags=0x0]
2925	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\apphelp.dll
2926	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ntdll.dll
2927	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2928	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa85a0000 'C:\WINDOWS\System32\ntdll.dll'
2929	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3430000 'C:\WINDOWS\system32\apphelp.dll'
2930	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
2931	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2932	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6e70000 'C:\WINDOWS\System32\ole32.dll'
2933	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
2934	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2935	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa8490000 'C:\WINDOWS\System32\OLEAUT32.dll'
2936	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b54 pwszName=\Device\HarddiskVolume8\Windows\System32\wbem\wbemprox.dll
2937	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
2938	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
2939	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DB1AA7E2E4704C908EC9382E1F9E64808B9E5E1D
2940	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2941	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2942	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.753.cat'; file='\Device\HarddiskVolume8\Windows\System32\wbem\wbemprox.dll'
2943	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2944	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2945	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
2946	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
2947	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
2948	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\wbem\wbemprox.dll
2949	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2950	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume8\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2951	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a38 pwszName=\Device\HarddiskVolume8\Windows\System32\wbemcomn.dll
2952	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
2953	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
2954	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=22EAF38FA276D7A374D3945ACD556FA0953D3440
2955	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2956	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2957	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.753.cat'; file='\Device\HarddiskVolume8\Windows\System32\wbemcomn.dll'
2958	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2959	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2960	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'bcrypt.dll'.
2961	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'ws2_32.dll'.
2962	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\wbemcomn.dll) WinVerifyTrust
2963	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\wbemcomn.dll
2964	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2965	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2966	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
2967	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2968	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2969	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2970	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2971	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
2972	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
2973	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume8\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
2974	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcrypt.dll
2975	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2976	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2977	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2978	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbem\wbemprox.dll
2979	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbemcomn.dll
2980	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff9e2b0000 LB 0x00084000 C:\WINDOWS\SYSTEM32\wbemcomn.dll [fFlags=0x0]
2981	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbemcomn.dll
2982	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff9e360000 LB 0x00011000 C:\WINDOWS\system32\wbem\wbemprox.dll [fFlags=0x0]
2983	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbem\wbemprox.dll
2984	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
2985	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2986	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
2987	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9e360000 'C:\WINDOWS\system32\wbem\wbemprox.dll'
2988	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a44 pwszName=\Device\HarddiskVolume8\Windows\System32\wbem\wbemsvc.dll
2989	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
2990	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
2991	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=00C864D7F76A7AD25E7D0DA164B0B66188F5B7FF
2992	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
2993	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
2994	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.753.cat'; file='\Device\HarddiskVolume8\Windows\System32\wbem\wbemsvc.dll'
2995	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2996	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2997	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
2998	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
2999	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\wbem\wbemsvc.dll
3000	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3001	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3002	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3003	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3004	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
3005	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbem\wbemsvc.dll
3006	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff9c900000 LB 0x00014000 C:\WINDOWS\system32\wbem\wbemsvc.dll [fFlags=0x0]
3007	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbem\wbemsvc.dll
3008	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9c900000 'C:\WINDOWS\system32\wbem\wbemsvc.dll'
3009	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
3010	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
3011	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-localization-l1-2-0.dll'
3012	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
3013	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
3014	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
3015	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b5c pwszName=\Device\HarddiskVolume8\Windows\System32\wbem\fastprox.dll
3016	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
3017	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
3018	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0708A64F48237CD4D5092546CE9C373F20B30CA1
3019	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3020	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3021	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.753.cat'; file='\Device\HarddiskVolume8\Windows\System32\wbem\fastprox.dll'
3022	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3023	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3024	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'wbemcomn.dll'.
3025	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
3026	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\wbem\fastprox.dll
3027	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
3028	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume8\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
3029	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbemcomn.dll
3030	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3031	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3032	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
3033	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbem\fastprox.dll
3034	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff9c480000 LB 0x00101000 C:\WINDOWS\system32\wbem\fastprox.dll [fFlags=0x0]
3035	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbem\fastprox.dll
3036	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9c480000 'C:\WINDOWS\system32\wbem\fastprox.dll'
3037	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b78 pwszName=\Device\HarddiskVolume8\Windows\System32\amsi.dll
3038	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
3039	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
3040	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B5D4D58A583ACAD5AA76D7DD0F2DB8ADE903942B
3041	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3042	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3043	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.18362.753.cat'; file='\Device\HarddiskVolume8\Windows\System32\amsi.dll'
3044	6d24.6d28: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3045	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3046	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
3047	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'userenv.dll'.
3048	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\amsi.dll) WinVerifyTrust
3049	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\amsi.dll
3050	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
3051	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume8\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
3052	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\userenv.dll
3053	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3054	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3055	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3056	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3057	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\amsi.dll (Input=amsi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3058	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\amsi.dll
3059	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff97ca0000 LB 0x00015000 C:\WINDOWS\System32\amsi.dll [fFlags=0x0]
3060	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\amsi.dll
3061	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff97ca0000 'C:\WINDOWS\System32\amsi.dll'
3062	6d24.6d28: \Device\HarddiskVolume8\Program Files\Norton Internet Security\Engine\22.20.2.57\symamsi.dll: Owner is administrators group.
3063	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3064	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'wintrust.dll'.
3065	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'crypt32.dll'.
3066	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
3067	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
3068	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
3069	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ole32.dll'.
3070	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'shlwapi.dll'.
3071	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'userenv.dll'.
3072	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'shell32.dll'.
3073	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'oleaut32.dll'.
3074	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Norton Internet Security\Engine\22.20.2.57\symamsi.dll) WinVerifyTrust
3075	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Norton Internet Security\Engine\22.20.2.57\symamsi.dll
3076	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3077	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3078	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
3079	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
3080	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll
3081	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
3082	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume8\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
3083	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\userenv.dll
3084	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
3085	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
3086	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shlwapi.dll
3087	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3088	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3089	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3090	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3091	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3092	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3093	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3094	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3095	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
3096	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume8\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
3097	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wintrust.dll'...
3098	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'wintrust.dll' -> '\Device\HarddiskVolume8\Windows\System32\wintrust.dll' [rcNtRedir=0xc0150008]
3099	6d24.6d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll
3100	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Norton Internet Security\Engine\22.20.2.57\symamsi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3101	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Norton Internet Security\Engine\22.20.2.57\symamsi.dll
3102	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff971f0000 LB 0x000ae000 C:\Program Files\Norton Internet Security\Engine\22.20.2.57\symamsi.dll [fFlags=0x0]
3103	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Norton Internet Security\Engine\22.20.2.57\symamsi.dll
3104	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3105	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3106	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-synch-l1-2-0'
3107	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3108	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3109	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-fibers-l1-1-1'
3110	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3111	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3112	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-synch-l1-2-0'
3113	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3114	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3115	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-fibers-l1-1-1'
3116	6d24.6d28: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
3117	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3118	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-localization-l1-2-1'
3119	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff971f0000 'C:\Program Files\Norton Internet Security\Engine\22.20.2.57\symamsi.dll'
3120	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3121	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3122	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3123	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
3124	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3125	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3126	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3127	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3128	6d24.6d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3129	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3130	6d24.6d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3131	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff36630000 LB 0x0037d000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
3132	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3133	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff36630000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
3134	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3135	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c58 pwszName=\Device\HarddiskVolume8\Windows\System32\NetSetupShim.dll
3136	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
3137	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
3138	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7F5B666FF2CFCD1394E450AF7141F0F82A5730F3
3139	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3140	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3141	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04113~31bf3856ad364e35~amd64~~10.0.18362.752.cat'; file='\Device\HarddiskVolume8\Windows\System32\NetSetupShim.dll'
3142	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3143	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
3144	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
3145	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'oleaut32.dll'.
3146	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'ws2_32.dll'.
3147	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'netsetupapi.dll'.
3148	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'setupapi.dll'.
3149	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'devrtl.dll'.
3150	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\NetSetupShim.dll) WinVerifyTrust
3151	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\NetSetupShim.dll
3152	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devrtl.dll'...
3153	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'devrtl.dll' -> '\Device\HarddiskVolume8\Windows\System32\devrtl.dll' [rcNtRedir=0xc0150008]
3154	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ce4 pwszName=\Device\HarddiskVolume8\Windows\System32\devrtl.dll
3155	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
3156	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
3157	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D2E5A6C3AFA14B1D9C532760FD646C3AC357C7AB
3158	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3159	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3160	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.815.cat'; file='\Device\HarddiskVolume8\Windows\System32\devrtl.dll'
3161	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3162	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\devrtl.dll) WinVerifyTrust
3163	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\devrtl.dll
3164	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3165	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3166	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3167	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3168	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3169	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
3170	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'cfgmgr32.dll'.
3171	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'bcrypt.dll'.
3172	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\setupapi.dll) WinVerifyTrust
3173	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\setupapi.dll
3174	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netsetupapi.dll'...
3175	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'netsetupapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\netsetupapi.dll' [rcNtRedir=0xc0150008]
3176	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
3177	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume8\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
3178	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcrypt.dll
3179	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
3180	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
3181	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll
3182	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3183	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3184	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3185	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3186	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3187	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3188	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3189	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
3190	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\NetSetupApi.dll) WinVerifyTrust
3191	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\NetSetupApi.dll
3192	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3193	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3194	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
3195	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3196	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3197	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3198	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3199	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
3200	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
3201	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll
3202	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3203	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3204	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3205	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3206	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\NetSetupShim.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
3207	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\NetSetupShim.dll
3208	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\NetSetupApi.dll
3209	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\devrtl.dll
3210	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff92150000 LB 0x00025000 C:\Windows\System32\NetSetupApi.dll [fFlags=0x0]
3211	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\NetSetupApi.dll
3212	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fffa7310000 LB 0x00470000 C:\WINDOWS\System32\setupapi.dll [fFlags=0x0]
3213	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\setupapi.dll
3214	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff9a930000 LB 0x00013000 C:\Windows\System32\DEVRTL.dll [fFlags=0x0]
3215	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\devrtl.dll
3216	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff4b840000 LB 0x00081000 C:\Windows\System32\NetSetupShim.dll [fFlags=0x0]
3217	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\NetSetupShim.dll
3218	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff4b840000 'C:\Windows\System32\NetSetupShim.dll'
3219	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3220	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3221	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3222	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
3223	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'nsi.dll'.
3224	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'winnsi.dll'.
3225	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\NetSetupEngine.dll) WinVerifyTrust
3226	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\NetSetupEngine.dll
3227	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
3228	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume8\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
3229	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3230	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3231	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
3232	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
3233	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\winnsi.dll) WinVerifyTrust
3234	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\winnsi.dll
3235	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
3236	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume8\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
3237	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
3238	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume8\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
3239	6d24.6dc0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\nsi.dll'.
3240	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\nsi.dll)
3241	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\nsi.dll
3242	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3243	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3244	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3245	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3246	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\nsi.dll) WinVerifyTrust
3247	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3248	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3249	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3250	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3251	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\NetSetupEngine.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3252	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\NetSetupEngine.dll
3253	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winnsi.dll
3254	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fffa7230000 LB 0x00008000 C:\WINDOWS\System32\NSI.dll [fFlags=0x0]
3255	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\nsi.dll [avoiding WinVerifyTrust]
3256	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff9cc20000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\WINNSI.DLL [fFlags=0x0]
3257	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winnsi.dll
3258	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff36560000 LB 0x000ce000 C:\Windows\System32\NetSetupEngine.dll [fFlags=0x0]
3259	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\NetSetupEngine.dll
3260	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff36560000 'C:\Windows\System32\NetSetupEngine.dll'
3261	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3262	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3263	6d24.6dc0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\nsi.dll'
3264	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3265	6d24.6e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3266	6d24.6e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3267	6d24.6e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
3268	6d24.6e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
3269	6d24.6e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
3270	6d24.6e10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
3271	6d24.6e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
3272	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3273	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3274	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3275	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3276	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3277	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3278	6d24.6e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3279	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3280	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3281	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3282	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3283	6d24.6e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
3284	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3285	6d24.6e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
3286	6d24.6e10: supR3HardenedDllNotificationCallback: load 00007fff93e00000 LB 0x0000f000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
3287	6d24.6e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
3288	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93e00000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
3289	6d24.6e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3290	6d24.6e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3291	6d24.6e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3292	6d24.6e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3293	6d24.6e14: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
3294	6d24.6e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
3295	6d24.6e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3296	6d24.6e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3297	6d24.6e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3298	6d24.6e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3299	6d24.6e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3300	6d24.6e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3301	6d24.6e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3302	6d24.6e14: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
3303	6d24.6e14: supR3HardenedDllNotificationCallback: load 00007fff925a0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
3304	6d24.6e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
3305	6d24.6e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff925a0000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
3306	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa7ac0000 'C:\WINDOWS\system32\Shell32.dll'
3307	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3308	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3309	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff36630000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
3310	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3311	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3312	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3313	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
3314	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
3315	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
3316	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll) WinVerifyTrust
3317	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3318	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3319	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3320	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3321	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3322	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3323	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3324	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3325	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3326	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3327	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3328	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3329	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3330	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff6d8c0000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
3331	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3332	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff6d8c0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
3333	6d24.6dc0: supR3HardenedDllNotificationCallback: Unload 00007fff6d8c0000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
3334	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3335	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3336	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3337	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
3338	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3339	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
3340	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
3341	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
3342	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
3343	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
3344	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
3345	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
3346	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
3347	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDD.dll
3348	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
3349	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
3350	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3351	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3352	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
3353	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\IPHLPAPI.DLL
3354	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3355	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3356	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3357	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3358	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
3359	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3360	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3361	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\setupapi.dll
3362	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3363	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3364	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
3365	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
3366	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3367	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3368	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3369	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
3370	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3371	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
3372	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
3373	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3374	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3375	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3376	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3377	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3378	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3379	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3380	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
3381	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
3382	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
3383	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
3384	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3385	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3386	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3387	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3388	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3389	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3390	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3391	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3392	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3393	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3394	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3395	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3396	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\setupapi.dll
3397	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3398	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3399	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3400	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3401	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3402	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3403	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3404	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDD.dll
3405	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3406	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3407	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\IPHLPAPI.DLL
3408	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff4d9a0000 LB 0x00066000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
3409	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3410	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff35310000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
3411	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3412	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fffa49e0000 LB 0x0003a000 C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
3413	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\IPHLPAPI.DLL
3414	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff35b70000 LB 0x009e4000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
3415	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDD.dll
3416	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff35b70000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
3417	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3418	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3419	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3420	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3421	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff6d8c0000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
3422	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3423	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff6d8c0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
3424	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3425	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxC.dll
3426	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3427	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff36d80000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
3428	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3429	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3430	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3431	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff35310000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
3432	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3433	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3434	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3435	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3436	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll) WinVerifyTrust
3437	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
3438	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3439	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3440	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3441	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3442	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3443	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
3444	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff8a250000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [fFlags=0x0]
3445	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
3446	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff8a250000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL'
3447	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3448	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3449	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3450	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3451	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll) WinVerifyTrust
3452	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
3453	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3454	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3455	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3456	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3457	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3458	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
3459	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff81090000 LB 0x00012000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL [fFlags=0x0]
3460	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
3461	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff81090000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL'
3462	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3463	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3464	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3465	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3466	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll) WinVerifyTrust
3467	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
3468	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3469	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3470	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3471	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3472	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3473	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
3474	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff81070000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [fFlags=0x0]
3475	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
3476	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff81070000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL'
3477	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3478	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3479	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3480	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3481	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll) WinVerifyTrust
3482	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
3483	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3484	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3485	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3486	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3487	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3488	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
3489	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff7ca10000 LB 0x00019000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [fFlags=0x0]
3490	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
3491	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff7ca10000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL'
3492	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3493	6d24.6e20: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3494	6d24.6e20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3495	6d24.6e20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
3496	6d24.6e20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3497	6d24.6e20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
3498	6d24.6e20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3499	6d24.6e20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3500	6d24.6e20: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3501	6d24.6e20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3502	6d24.6e20: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3503	6d24.6e20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3504	6d24.6e20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3505	6d24.6e20: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3506	6d24.6e20: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3507	6d24.6e20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3508	6d24.6e20: supR3HardenedDllNotificationCallback: load 00007fff7aea0000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
3509	6d24.6e20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3510	6d24.6e20: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff7aea0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
3511	6d24.6e24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3512	6d24.6e24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3513	6d24.6e24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3514	6d24.6e24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
3515	6d24.6e24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
3516	6d24.6e24: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
3517	6d24.6e24: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3518	6d24.6e24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3519	6d24.6e24: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3520	6d24.6e24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3521	6d24.6e24: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3522	6d24.6e24: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3523	6d24.6e24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3524	6d24.6e24: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3525	6d24.6e24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3526	6d24.6e24: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3527	6d24.6e24: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3528	6d24.6e24: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3529	6d24.6e24: supR3HardenedDllNotificationCallback: load 00007fff92520000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
3530	6d24.6e24: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3531	6d24.6e24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff92520000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
3532	6d24.6e28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3533	6d24.6e28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3534	6d24.6e28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3535	6d24.6e28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3536	6d24.6e28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
3537	6d24.6e28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3538	6d24.6e28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3539	6d24.6e28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3540	6d24.6e28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3541	6d24.6e28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3542	6d24.6e28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3543	6d24.6e28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3544	6d24.6e28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3545	6d24.6e28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3546	6d24.6e28: supR3HardenedDllNotificationCallback: load 00007fff923e0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
3547	6d24.6e28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3548	6d24.6e28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff923e0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
3549	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3550	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3551	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3552	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3553	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll) WinVerifyTrust
3554	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
3555	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3556	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3557	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3558	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3559	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3560	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
3561	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fffa13d0000 LB 0x0000a000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL [fFlags=0x0]
3562	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
3563	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa13d0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL'
3564	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll
3565	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3566	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3567	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3568	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
3569	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
3570	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'devobj.dll'.
3571	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\MMDevAPI.dll) WinVerifyTrust
3572	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\MMDevAPI.dll
3573	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
3574	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume8\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
3575	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3576	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3577	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'cfgmgr32.dll'.
3578	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\devobj.dll) WinVerifyTrust
3579	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\devobj.dll
3580	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3581	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3582	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
3583	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
3584	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll
3585	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
3586	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
3587	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll
3588	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
3589	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\MMDevAPI.dll
3590	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\devobj.dll
3591	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fffa5260000 LB 0x0002a000 C:\WINDOWS\System32\DEVOBJ.dll [fFlags=0x0]
3592	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\devobj.dll
3593	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff9d1c0000 LB 0x00072000 C:\WINDOWS\System32\MMDevApi.dll [fFlags=0x0]
3594	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\MMDevAPI.dll
3595	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9d1c0000 'C:\WINDOWS\System32\MMDevApi.dll'
3596	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000015e0 pwszName=\Device\HarddiskVolume8\Windows\System32\dsound.dll
3597	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
3598	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
3599	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8184043CF3F3DF1E3CF96E74DBBF7D0836417373
3600	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3601	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3602	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.778.cat'; file='\Device\HarddiskVolume8\Windows\System32\dsound.dll'
3603	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3604	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3605	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'winmm.dll'.
3606	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\dsound.dll) WinVerifyTrust
3607	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\dsound.dll
3608	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3609	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume8\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3610	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
3611	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3612	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3613	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
3614	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dsound.dll
3615	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff4da10000 LB 0x00099000 C:\WINDOWS\System32\dsound.dll [fFlags=0x0]
3616	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dsound.dll
3617	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dsound.dll
3618	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3619	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff4da10000 'C:\WINDOWS\System32\dsound.dll'
3620	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff4da10000 'C:\WINDOWS\System32\dsound.dll'
3621	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dsound.dll
3622	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3623	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff4da10000 'C:\WINDOWS\system32\dsound.dll'
3624	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\MMDevAPI.dll
3625	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3626	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9d1c0000 'C:\WINDOWS\System32\MMDEVAPI.DLL'
3627	6d24.6e9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3628	6d24.6e9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3629	6d24.6e9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
3630	6d24.6e9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
3631	6d24.6e9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
3632	6d24.6e9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'mmdevapi.dll'.
3633	6d24.6e9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\AudioSes.dll) WinVerifyTrust
3634	6d24.6e9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\AudioSes.dll
3635	6d24.6e9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3636	6d24.6e9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3637	6d24.6e9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\MMDevAPI.dll
3638	6d24.6e9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3639	6d24.6e9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3640	6d24.6e9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3641	6d24.6e9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3642	6d24.6e9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
3643	6d24.6e9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
3644	6d24.6e9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
3645	6d24.6e9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3646	6d24.6e9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\AudioSes.dll
3647	6d24.6e9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
3648	6d24.6e9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
3649	6d24.6e9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcryptprimitives.dll'.
3650	6d24.6e9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\WinTypes.dll)
3651	6d24.6e9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\WinTypes.dll
3652	6d24.6e9c: supR3HardenedDllNotificationCallback: load 00007fffa0d60000 LB 0x00153000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0]
3653	6d24.6e9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
3654	6d24.6e9c: supR3HardenedDllNotificationCallback: load 00007fff94970000 LB 0x0015d000 C:\WINDOWS\System32\AUDIOSES.DLL [fFlags=0x0]
3655	6d24.6e9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\AudioSes.dll
3656	6d24.6e9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff94970000 'C:\WINDOWS\System32\AUDIOSES.DLL'
3657	6d24.6e9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
3658	6d24.6e9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
3659	6d24.6e9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll
3660	6d24.6e9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3661	6d24.6e9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3662	6d24.6e9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
3663	6d24.6e9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
3664	6d24.6e9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll
3665	6d24.6e9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3666	6d24.6e9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3667	6d24.6e9c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\WinTypes.dll'
3668	6d24.6e9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3669	6d24.6e9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
3670	6d24.6e9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ResourcePolicyClient.dll)
3671	6d24.6e9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ResourcePolicyClient.dll
3672	6d24.6e9c: supR3HardenedDllNotificationCallback: load 00007fffa3940000 LB 0x00014000 C:\WINDOWS\SYSTEM32\resourcepolicyclient.dll [fFlags=0x0]
3673	6d24.6e9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ResourcePolicyClient.dll [avoiding WinVerifyTrust]
3674	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3675	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3676	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3677	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3678	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3679	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3680	6d24.6dc0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\ResourcePolicyClient.dll'
3681	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
3682	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3683	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3684	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000165c pwszName=\Device\HarddiskVolume8\Windows\System32\wdmaud.drv
3685	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
3686	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
3687	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=38EA8D6D625C6A0A9075DAE17FD33652FF8FC23A
3688	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3689	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3690	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.778.cat'; file='\Device\HarddiskVolume8\Windows\System32\wdmaud.drv'
3691	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3692	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3693	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'.
3694	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'ksuser.dll'.
3695	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'avrt.dll'.
3696	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\wdmaud.drv) WinVerifyTrust
3697	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\wdmaud.drv
3698	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
3699	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
3700	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3701	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3702	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\avrt.dll) WinVerifyTrust
3703	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\avrt.dll
3704	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
3705	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume8\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
3706	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3707	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3708	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3709	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ksuser.dll) WinVerifyTrust
3710	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ksuser.dll
3711	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3712	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3713	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\MMDevAPI.dll
3714	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3715	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3716	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3717	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3718	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3719	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wdmaud.drv
3720	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ksuser.dll
3721	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\avrt.dll
3722	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff97c20000 LB 0x00009000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0]
3723	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ksuser.dll
3724	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fffa17b0000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0]
3725	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\avrt.dll
3726	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff5d540000 LB 0x00044000 C:\WINDOWS\System32\wdmaud.drv [fFlags=0x0]
3727	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wdmaud.drv
3728	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff5d540000 'C:\WINDOWS\System32\wdmaud.drv'
3729	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wdmaud.drv
3730	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3731	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff5d540000 'C:\WINDOWS\System32\wdmaud.drv'
3732	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wdmaud.drv
3733	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3734	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff5d540000 'C:\WINDOWS\System32\wdmaud.drv'
3735	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wdmaud.drv
3736	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3737	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff5d540000 'C:\WINDOWS\System32\wdmaud.drv'
3738	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wdmaud.drv
3739	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3740	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff5d540000 'C:\WINDOWS\System32\wdmaud.drv'
3741	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wdmaud.drv
3742	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3743	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff5d540000 'C:\WINDOWS\System32\wdmaud.drv'
3744	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wdmaud.drv
3745	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3746	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff5d540000 'C:\WINDOWS\System32\wdmaud.drv'
3747	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff5d540000 'C:\WINDOWS\System32\wdmaud.drv'
3748	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff5d540000 'C:\WINDOWS\System32\wdmaud.drv'
3749	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff5d540000 'C:\WINDOWS\System32\wdmaud.drv'
3750	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff5d540000 'C:\WINDOWS\System32\wdmaud.drv'
3751	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff5d540000 'C:\WINDOWS\System32\wdmaud.drv'
3752	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff5d540000 'C:\WINDOWS\System32\wdmaud.drv'
3753	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff5d540000 'C:\WINDOWS\System32\wdmaud.drv'
3754	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000016f8 pwszName=\Device\HarddiskVolume8\Windows\System32\msacm32.drv
3755	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
3756	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
3757	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=763C5E89A8DA653902990733D245B99CC7C40BEA
3758	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3759	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3760	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.778.cat'; file='\Device\HarddiskVolume8\Windows\System32\msacm32.drv'
3761	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3762	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3763	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'mmdevapi.dll'.
3764	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msacm32.dll'.
3765	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmmbase.dll'.
3766	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\msacm32.drv) WinVerifyTrust
3767	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\msacm32.drv
3768	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
3769	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
3770	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmmbase.dll
3771	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
3772	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume8\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
3773	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3774	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3775	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3776	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\msacm32.dll) WinVerifyTrust
3777	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\msacm32.dll
3778	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3779	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3780	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\MMDevAPI.dll
3781	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3782	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3783	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
3784	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3785	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3786	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3787	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msacm32.drv
3788	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msacm32.dll
3789	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff7a860000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0]
3790	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msacm32.dll
3791	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff93de0000 LB 0x0000d000 C:\WINDOWS\System32\msacm32.drv [fFlags=0x0]
3792	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msacm32.drv
3793	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93de0000 'C:\WINDOWS\System32\msacm32.drv'
3794	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msacm32.drv
3795	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3796	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93de0000 'C:\WINDOWS\System32\msacm32.drv'
3797	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msacm32.drv
3798	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3799	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93de0000 'C:\WINDOWS\System32\msacm32.drv'
3800	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msacm32.drv
3801	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3802	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93de0000 'C:\WINDOWS\System32\msacm32.drv'
3803	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msacm32.drv
3804	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3805	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93de0000 'C:\WINDOWS\System32\msacm32.drv'
3806	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msacm32.drv
3807	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3808	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93de0000 'C:\WINDOWS\System32\msacm32.drv'
3809	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msacm32.drv
3810	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3811	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93de0000 'C:\WINDOWS\System32\msacm32.drv'
3812	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93de0000 'C:\WINDOWS\System32\msacm32.drv'
3813	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93de0000 'C:\WINDOWS\System32\msacm32.drv'
3814	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93de0000 'C:\WINDOWS\System32\msacm32.drv'
3815	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000170c pwszName=\Device\HarddiskVolume8\Windows\System32\midimap.dll
3816	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000187dd30
3817	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000187dd30
3818	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EB34EC166C3F780657AB67E557E6C2E60C398D10
3819	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3820	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3821	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.778.cat'; file='\Device\HarddiskVolume8\Windows\System32\midimap.dll'
3822	6d24.6dc0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3823	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3824	6d24.6dc0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'winmm.dll'.
3825	6d24.6dc0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\midimap.dll) WinVerifyTrust
3826	6d24.6dc0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\midimap.dll
3827	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3828	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume8\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3829	6d24.6dc0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
3830	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3831	6d24.6dc0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3832	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3833	6d24.6dc0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\midimap.dll
3834	6d24.6dc0: supR3HardenedDllNotificationCallback: load 00007fff93530000 LB 0x0000a000 C:\WINDOWS\System32\midimap.dll [fFlags=0x0]
3835	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\midimap.dll
3836	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93530000 'C:\WINDOWS\System32\midimap.dll'
3837	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\midimap.dll
3838	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3839	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93530000 'C:\WINDOWS\System32\midimap.dll'
3840	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\midimap.dll
3841	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3842	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93530000 'C:\WINDOWS\System32\midimap.dll'
3843	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\midimap.dll
3844	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3845	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff93530000 'C:\WINDOWS\System32\midimap.dll'
3846	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3847	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3848	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3849	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3850	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3851	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3852	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3853	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
3854	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3855	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3856	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3857	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3858	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3859	6d24.6dc0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dsound.dll
3860	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3861	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff4da10000 'C:\WINDOWS\system32\dsound.dll'
3862	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3863	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3864	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3865	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3866	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3867	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
3868	6d24.6dc0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3869	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msctf.dll
3870	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
3871	6d24.6d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6b90000 'C:\WINDOWS\System32\MSCTF.dll'
3872	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3873	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.
3874	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'coreuicomponents.dll'.
3875	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'coremessaging.dll'.
3876	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\TextInputFramework.dll)
3877	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\TextInputFramework.dll
3878	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3879	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
3880	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'shcore.dll'.
3881	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\CoreUIComponents.dll)
3882	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\CoreUIComponents.dll
3883	6d24.6d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3884	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\CoreMessaging.dll)
3885	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\CoreMessaging.dll
3886	6d24.6d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ntmarta.dll)
3887	6d24.6d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ntmarta.dll
3888	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa44a0000 LB 0x00031000 C:\WINDOWS\SYSTEM32\ntmarta.dll [fFlags=0x0]
3889	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ntmarta.dll [avoiding WinVerifyTrust]
3890	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa30f0000 LB 0x000d4000 C:\WINDOWS\System32\CoreMessaging.dll [fFlags=0x0]
3891	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
3892	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fffa1050000 LB 0x0032a000 C:\WINDOWS\System32\CoreUIComponents.dll [fFlags=0x0]
3893	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
3894	6d24.6d28: supR3HardenedDllNotificationCallback: load 00007fff9cc30000 LB 0x0009e000 C:\WINDOWS\System32\TextInputFramework.dll [fFlags=0x0]
3895	6d24.6d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
3896	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3897	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3898	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
3899	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume8\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
3900	6d24.6e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\SHCore.dll
3901	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
3902	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume8\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
3903	6d24.6e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
3904	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3905	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3906	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
3907	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume8\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
3908	6d24.6e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
3909	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
3910	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume8\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
3911	6d24.6e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
3912	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3913	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3914	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3915	6d24.6e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3916	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3917	6d24.6e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll
3918	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3919	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5600000 'C:\WINDOWS\System32\WINTRUST.DLL'
3920	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\CRYPT32.dll'
3921	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3922	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\Windows\System32\cryptnet.dll'
3923	6d24.6e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\ntmarta.dll'
3924	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3925	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3926	6d24.6e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\CoreMessaging.dll'
3927	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3928	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3929	6d24.6e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\CoreUIComponents.dll'
3930	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3931	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3932	6d24.6e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\TextInputFramework.dll'
3933	6d24.6e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa69f0000 'C:\WINDOWS\system32\User32.dll'
3934	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3935	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3936	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3937	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
3938	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'win32u.dll'.
3939	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
3940	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'dwmapi.dll'.
3941	6d24.6e34: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\d3d9.dll) WinVerifyTrust
3942	6d24.6e34: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\d3d9.dll
3943	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
3944	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
3945	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3946	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3947	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3948	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'win32u.dll'.
3949	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'.
3950	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'gdi32.dll'.
3951	6d24.6e34: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\dwmapi.dll) WinVerifyTrust
3952	6d24.6e34: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\dwmapi.dll
3953	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
3954	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
3955	6d24.6e34: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll
3956	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
3957	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
3958	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3959	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3960	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3961	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3962	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
3963	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
3964	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3965	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3966	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
3967	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
3968	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3969	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3970	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3971	6d24.6e34: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\d3d9.dll
3972	6d24.6e34: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dwmapi.dll
3973	6d24.6e34: supR3HardenedDllNotificationCallback: load 00007fffa3a30000 LB 0x0002d000 C:\WINDOWS\SYSTEM32\dwmapi.dll [fFlags=0x0]
3974	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dwmapi.dll
3975	6d24.6e34: supR3HardenedDllNotificationCallback: load 00007fff987a0000 LB 0x001c7000 C:\WINDOWS\system32\d3d9.dll [fFlags=0x0]
3976	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\d3d9.dll
3977	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff987a0000 'C:\WINDOWS\system32\d3d9.dll'
3978	6d24.6e34: \Device\HarddiskVolume8\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvldumdx.dll: Owner is administrators group.
3979	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3980	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3981	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'version.dll'.
3982	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'user32.dll'.
3983	6d24.6e34: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvldumdx.dll) WinVerifyTrust
3984	6d24.6e34: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvldumdx.dll
3985	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3986	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3987	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
3988	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume8\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
3989	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
3990	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
3991	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3992	6d24.6e34: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\version.dll) WinVerifyTrust
3993	6d24.6e34: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\version.dll
3994	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3995	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3996	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3997	6d24.6e34: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvldumdx.dll
3998	6d24.6e34: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\version.dll
3999	6d24.6e34: supR3HardenedDllNotificationCallback: load 00007fffa3fb0000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\VERSION.dll [fFlags=0x0]
4000	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\version.dll
4001	6d24.6e34: supR3HardenedDllNotificationCallback: load 00007fff9d240000 LB 0x000ef000 C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvldumdx.dll [fFlags=0x0]
4002	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvldumdx.dll
4003	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
4004	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4005	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-synch-l1-2-0'
4006	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
4007	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4008	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-fibers-l1-1-1'
4009	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
4010	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4011	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-synch-l1-2-0'
4012	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
4013	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4014	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-fibers-l1-1-1'
4015	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
4016	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4017	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-localization-l1-2-1'
4018	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9d240000 'C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvldumdx.dll'
4019	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
4020	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll
4021	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wintrust.dll (Input=wintrust.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4022	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5600000 'C:\WINDOWS\System32\wintrust.dll'
4023	6d24.6e34: \Device\HarddiskVolume8\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvd3dumx.dll: Owner is administrators group.
4024	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
4025	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
4026	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'version.dll'.
4027	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
4028	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
4029	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
4030	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winmm.dll'.
4031	6d24.6e34: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvd3dumx.dll) WinVerifyTrust
4032	6d24.6e34: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvd3dumx.dll
4033	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
4034	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume8\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
4035	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4036	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4037	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
4038	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
4039	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4040	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4041	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
4042	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume8\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
4043	6d24.6e34: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\version.dll
4044	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvd3dumx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4045	6d24.6e34: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvd3dumx.dll
4046	6d24.6e34: supR3HardenedDllNotificationCallback: load 00007fff33e00000 LB 0x01503000 C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvd3dumx.dll [fFlags=0x0]
4047	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvd3dumx.dll
4048	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
4049	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4050	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-synch-l1-2-0'
4051	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
4052	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4053	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-fibers-l1-1-1'
4054	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
4055	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4056	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-synch-l1-2-0'
4057	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
4058	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4059	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-fibers-l1-1-1'
4060	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
4061	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4062	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-localization-l1-2-1'
4063	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff33e00000 'C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvd3dumx.dll'
4064	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6d90000 'C:\WINDOWS\System32\gdi32.dll'
4065	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvldumdx.dll
4066	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4067	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9d240000 'C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvldumdx.dll'
4068	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-core-resourcepolicy-l1-1-0.dll) -> 0x0, fPresent=1
4069	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-core-resourcepolicy-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4070	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3940000 'ext-ms-win-core-resourcepolicy-l1-1-0.dll'
4071	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvldumdx.dll
4072	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4073	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9d240000 'C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_93eff437a314841a\nvldumdx.dll'
4074	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa69f0000 'C:\WINDOWS\system32\user32.dll'
4075	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll
4076	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4077	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa70c0000 'C:\WINDOWS\System32\kernel32.dll'
4078	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\powrprof.dll
4079	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\powrprof.dll (Input=powrprof.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4080	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5490000 'C:\WINDOWS\System32\powrprof.dll'
4081	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa7ac0000 'C:\WINDOWS\System32\Shell32.dll'
4082	6d24.6e34: \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll: Owner is administrators group.
4083	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
4084	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'shell32.dll'.
4085	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
4086	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
4087	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
4088	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
4089	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'version.dll'.
4090	6d24.6e34: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\nvspcap64.dll) WinVerifyTrust
4091	6d24.6e34: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll
4092	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
4093	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume8\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
4094	6d24.6e34: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\version.dll
4095	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
4096	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
4097	6d24.6e34: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shlwapi.dll
4098	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4099	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4100	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
4101	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
4102	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
4103	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
4104	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
4105	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
4106	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\nvspcap64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4107	6d24.6e34: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll
4108	6d24.6e34: supR3HardenedDllNotificationCallback: load 00007fff66c50000 LB 0x002c2000 C:\WINDOWS\system32\nvspcap64.dll [fFlags=0x0]
4109	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll
4110	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
4111	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4112	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-synch-l1-2-0'
4113	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
4114	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4115	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-fibers-l1-1-1'
4116	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
4117	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4118	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-synch-l1-2-0'
4119	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
4120	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4121	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-fibers-l1-1-1'
4122	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
4123	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4124	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-localization-l1-2-1'
4125	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff66c50000 'C:\WINDOWS\system32\nvspcap64.dll'
4126	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa69f0000 'C:\WINDOWS\System32\User32.dll'
4127	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
4128	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll
4129	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4130	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\WINDOWS\System32\cryptnet.dll'
4131	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptbase.dll
4132	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptbase.dll (Input=cryptbase.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4133	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4ea0000 'C:\WINDOWS\System32\cryptbase.dll'
4134	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll
4135	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wintrust.dll (Input=wintrust.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4136	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5600000 'C:\WINDOWS\System32\wintrust.dll'
4137	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
4138	6d24.6e34: \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll: Owner is administrators group.
4139	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
4140	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
4141	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
4142	6d24.6e34: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'version.dll'.
4143	6d24.6e34: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll) WinVerifyTrust
4144	6d24.6e34: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll
4145	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
4146	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume8\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
4147	6d24.6e34: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\version.dll
4148	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
4149	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
4150	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
4151	6d24.6e34: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
4152	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4153	6d24.6e34: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll
4154	6d24.6e34: supR3HardenedDllNotificationCallback: load 00007fff6e790000 LB 0x0009e000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll [fFlags=0x0]
4155	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll
4156	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
4157	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4158	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-synch-l1-2-0'
4159	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
4160	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4161	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-fibers-l1-1-1'
4162	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
4163	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4164	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-synch-l1-2-0'
4165	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
4166	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4167	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-fibers-l1-1-1'
4168	6d24.6e34: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
4169	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4170	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5710000 'api-ms-win-core-localization-l1-2-1'
4171	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff6e790000 'C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll'
4172	6d24.6e34: supR3HardenedDllNotificationCallback: Unload 00007fff6e790000 LB 0x0009e000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll [flags=0x0]
4173	6d24.6e34: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\d3d9.dll
4174	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4175	6d24.6e34: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff987a0000 'C:\WINDOWS\system32\d3d9.dll'
4176	6d24.6dcc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dsound.dll
4177	6d24.6dcc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4178	6d24.6dcc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff4da10000 'C:\WINDOWS\system32\dsound.dll'
4179	6d24.6dcc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dsound.dll
4180	6d24.6dcc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
4181	6d24.6dcc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff4da10000 'C:\WINDOWS\System32\dsound.dll'
4182	6d24.6dcc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
4183	6d24.6dcc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
4184	6d24.6dcc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
4185	6d24.6dcc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
4186	6d24.6dcc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
4187	6d24.6dcc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
4188	6d24.6dcc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4189	6d24.6dcc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa3330000 'C:\WINDOWS\System32\winmm.dll'
4190	6d24.6dd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
4191	6d24.6dd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa5600000 'C:\WINDOWS\System32\WINTRUST.DLL'
4192	6d24.6dd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\CRYPT32.dll'
4193	6d24.6dd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
4194	6d24.6dd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9f4c0000 'C:\Windows\System32\cryptnet.dll'
4195	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4196	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
4197	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'combase.dll'.
4198	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shcore.dll'.
4199	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'textinputframework.dll'.
4200	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'inputhost.dll'.
4201	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'user32.dll'.
4202	6d24.6dd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\Windows.UI.dll) WinVerifyTrust
4203	6d24.6dd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\Windows.UI.dll
4204	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4205	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4206	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'inputhost.dll'...
4207	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'inputhost.dll' -> '\Device\HarddiskVolume8\Windows\System32\inputhost.dll' [rcNtRedir=0xc0150008]
4208	6d24.6dd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
4209	6d24.6dd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
4210	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
4211	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'coremessaging.dll'.
4212	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'coreuicomponents.dll'.
4213	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'propsys.dll'.
4214	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'shcore.dll'.
4215	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'win32u.dll'.
4216	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'combase.dll'.
4217	6d24.6dd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\InputHost.dll) WinVerifyTrust
4218	6d24.6dd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\InputHost.dll
4219	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'textinputframework.dll'...
4220	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'textinputframework.dll' -> '\Device\HarddiskVolume8\Windows\System32\textinputframework.dll' [rcNtRedir=0xc0150008]
4221	6d24.6dd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\TextInputFramework.dll
4222	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
4223	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume8\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
4224	6d24.6dd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\SHCore.dll
4225	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
4226	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
4227	6d24.6dd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll
4228	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4229	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4230	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4231	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4232	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
4233	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
4234	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
4235	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
4236	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
4237	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume8\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
4238	6d24.6dd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\SHCore.dll
4239	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
4240	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume8\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
4241	6d24.6dd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa4840000 'C:\WINDOWS\system32\rsaenh.dll'
4242	6d24.6dd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa6500000 'C:\WINDOWS\System32\crypt32.dll'
4243	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'oleaut32.dll'.
4244	6d24.6dd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'rpcrt4.dll'.
4245	6d24.6dd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\propsys.dll) WinVerifyTrust
4246	6d24.6dd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\propsys.dll
4247	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
4248	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume8\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
4249	6d24.6dd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\CoreUIComponents.dll
4250	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
4251	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume8\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
4252	6d24.6dd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\CoreMessaging.dll
4253	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
4254	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
4255	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4256	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4257	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
4258	6d24.6dd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
4259	6d24.6dd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\Windows.UI.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
4260	6d24.6dd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\Windows.UI.dll
4261	6d24.6dd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\InputHost.dll
4262	6d24.6dd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\propsys.dll
4263	6d24.6dd8: supR3HardenedDllNotificationCallback: load 00007fffa1a00000 LB 0x000f0000 C:\Windows\System32\PROPSYS.dll [fFlags=0x0]
4264	6d24.6dd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\propsys.dll
4265	6d24.6dd8: supR3HardenedDllNotificationCallback: load 00007fff9caf0000 LB 0x0011a000 C:\Windows\System32\InputHost.dll [fFlags=0x0]
4266	6d24.6dd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\InputHost.dll
4267	6d24.6dd8: supR3HardenedDllNotificationCallback: load 00007fff9ccd0000 LB 0x00151000 C:\Windows\System32\Windows.UI.dll [fFlags=0x0]
4268	6d24.6dd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\Windows.UI.dll
4269	6d24.6dd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff9ccd0000 'C:\Windows\System32\Windows.UI.dll'
4270	6d24.bb70: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\avrt.dll
4271	6d24.bb70: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\avrt.dll (Input=avrt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4272	6d24.bb70: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa17b0000 'C:\WINDOWS\System32\avrt.dll'
4273	6d24.a950: supR3HardenedDllNotificationCallback: Unload 00007fff9ccd0000 LB 0x00151000 C:\Windows\System32\Windows.UI.dll [flags=0x0]
4274	6d24.a950: supR3HardenedDllNotificationCallback: Unload 00007fff9caf0000 LB 0x0011a000 C:\Windows\System32\InputHost.dll [flags=0x0]
4275	6d24.6e38: KiUserExceptionDispatcher: 0x80000003 (0000000000000000) @ 00007fff3a25d544 (flags=0x0)
4276	rax=0000000000000001 rbx=00000000fffffffe rcx=a70afc6ec3eb0000 rdx=0000000000000000
4277	rsi=00000000094dec18 rdi=000000000b3671f0 r8 =0000000002176220 r9 =7efefefefefeff52
4278	r10=0000000000000015 r11=0000000002cf6f40 r12=00000000094debf0 r13=0000000000000000
4279	r14=0000000008b3396c r15=0000000000000000 P1=0000000000000000 P2=00007fff366d4050
4280	rip=00007fff3a25d544 rsp=000000002152fb70 rbp=0000000000000000 ctxflags=0010005f
4281	cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b eflags=00000202 mxcrx=00001f80
4282	P3=000025de153c2d8d P4=00007fff366e6b99 P5=000000002152f5e0 P6=0000000000000022
4283	dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
4284	dr6=0000000000000000 dr7=0000000000000000 vcr=000000000000000b dcr=000000000000e000
4285	lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
4286	6d24.6e38: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-kernel32-errorhandling-l1-1-0.dll) -> 0x0, fPresent=1
4287	6d24.6e38: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-kernel32-errorhandling-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4288	6d24.6e38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffa70c0000 'ext-ms-win-kernel32-errorhandling-l1-1-0.dll'
4289	6d10.6d14: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x80000003 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 129182724 ms, the end);
4290	6cec.6cf0: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x80000003 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 129183452 ms, the end);

Download in other formats:

Original Format