Ticket #19983: VBoxHardening.log

41f8.53c: Log file opened: 6.1.14r140239 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa04a6100
41f8.53c: \SystemRoot\System32\ntdll.dll:
41f8.53c:     CreationTime:    2020-10-16T14:29:16.471334100Z
41f8.53c:     LastWriteTime:   2020-10-16T14:29:16.554461600Z
41f8.53c:     ChangeTime:      2020-10-16T16:42:14.822277800Z
41f8.53c:     FileAttributes:  0x20
41f8.53c:     Size:            0x1ee338
41f8.53c:     NT Headers:      0xe8
41f8.53c:     Timestamp:       0x5b56177b
41f8.53c:     Machine:         0x8664 - amd64
41f8.53c:     Timestamp:       0x5b56177b
41f8.53c:     Image Version:   10.0
41f8.53c:     SizeOfImage:     0x1f6000 (2056192)
41f8.53c:     Resource Dir:    0x185000 LB 0x6fd28
41f8.53c:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
41f8.53c:     [Raw version resource data: 0x1850f0 LB 0x380, codepage 0x0 (reserved 0x0)]
41f8.53c:     ProductName:     Microsoft® Windows® Operating System
41f8.53c:     ProductVersion:  10.0.19041.546
41f8.53c:     FileVersion:     10.0.19041.546 (WinBuild.160101.0800)
41f8.53c:     FileDescription: NT Layer DLL
41f8.53c: \SystemRoot\System32\kernel32.dll:
41f8.53c:     CreationTime:    2020-10-16T14:27:33.731376800Z
41f8.53c:     LastWriteTime:   2020-10-16T14:27:33.794638400Z
41f8.53c:     ChangeTime:      2020-10-16T16:41:28.031858600Z
41f8.53c:     FileAttributes:  0x20
41f8.53c:     Size:            0xbac30
41f8.53c:     NT Headers:      0xe8
41f8.53c:     Timestamp:       0x2f7cc9b6
41f8.53c:     Machine:         0x8664 - amd64
41f8.53c:     Timestamp:       0x2f7cc9b6
41f8.53c:     Image Version:   10.0
41f8.53c:     SizeOfImage:     0xbd000 (774144)
41f8.53c:     Resource Dir:    0xbb000 LB 0x520
41f8.53c:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
41f8.53c:     [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
41f8.53c:     ProductName:     Microsoft® Windows® Operating System
41f8.53c:     ProductVersion:  10.0.19041.546
41f8.53c:     FileVersion:     10.0.19041.546 (WinBuild.160101.0800)
41f8.53c:     FileDescription: Windows NT BASE API Client DLL
41f8.53c: \SystemRoot\System32\KernelBase.dll:
41f8.53c:     CreationTime:    2020-10-16T14:29:23.002324100Z
41f8.53c:     LastWriteTime:   2020-10-16T14:29:23.180425500Z
41f8.53c:     ChangeTime:      2020-10-16T16:42:05.853240600Z
41f8.53c:     FileAttributes:  0x20
41f8.53c:     Size:            0x2c8f70
41f8.53c:     NT Headers:      0xf0
41f8.53c:     Timestamp:       0x1183946c
41f8.53c:     Machine:         0x8664 - amd64
41f8.53c:     Timestamp:       0x1183946c
41f8.53c:     Image Version:   10.0
41f8.53c:     SizeOfImage:     0x2c8000 (2916352)
41f8.53c:     Resource Dir:    0x29f000 LB 0x548
41f8.53c:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
41f8.53c:     [Raw version resource data: 0x29f0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
41f8.53c:     ProductName:     Microsoft® Windows® Operating System
41f8.53c:     ProductVersion:  10.0.19041.572
41f8.53c:     FileVersion:     10.0.19041.572 (WinBuild.160101.0800)
41f8.53c:     FileDescription: Windows NT BASE API Client DLL
41f8.53c: \SystemRoot\System32\apisetschema.dll:
41f8.53c:     CreationTime:    2019-12-07T09:08:13.518339400Z
41f8.53c:     LastWriteTime:   2019-12-07T09:08:13.518339400Z
41f8.53c:     ChangeTime:      2020-10-16T14:36:31.648132800Z
41f8.53c:     FileAttributes:  0x20
41f8.53c:     Size:            0x1f538
41f8.53c:     NT Headers:      0xd0
41f8.53c:     Timestamp:       0x31288ce0
41f8.53c:     Machine:         0x8664 - amd64
41f8.53c:     Timestamp:       0x31288ce0
41f8.53c:     Image Version:   10.0
41f8.53c:     SizeOfImage:     0x20000 (131072)
41f8.53c:     Resource Dir:    0x1f000 LB 0x408
41f8.53c:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
41f8.53c:     [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
41f8.53c:     ProductName:     Microsoft® Windows® Operating System
41f8.53c:     ProductVersion:  10.0.19041.1
41f8.53c:     FileVersion:     10.0.19041.1 (WinBuild.160101.0800)
41f8.53c:     FileDescription: ApiSet Schema DLL
41f8.53c: NtOpenDirectoryObject failed on \Driver: 0xc0000022
41f8.53c: supR3HardenedWinFindAdversaries: 0x20
41f8.53c: \SystemRoot\System32\drivers\cfwids.sys:
41f8.53c:     CreationTime:    2020-01-16T02:13:34.000000000Z
41f8.53c:     LastWriteTime:   2020-06-09T05:21:26.000000000Z
41f8.53c:     ChangeTime:      2020-10-10T16:02:20.624671800Z
41f8.53c:     FileAttributes:  0x20
41f8.53c:     Size:            0x127b8
41f8.53c:     NT Headers:      0xf0
41f8.53c:     Timestamp:       0x5ed009c1
41f8.53c:     Machine:         0x8664 - amd64
41f8.53c:     Timestamp:       0x5ed009c1
41f8.53c:     Image Version:   0.0
41f8.53c:     SizeOfImage:     0x14000 (81920)
41f8.53c:     Resource Dir:    0x12000 LB 0x550
41f8.53c:     [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)]
41f8.53c:     [Raw version resource data: 0x120a0 LB 0x318, codepage 0x0 (reserved 0x0)]
41f8.53c:     ProductName:     SYSCORE
41f8.53c:     ProductVersion:  20.6.0.142
41f8.53c:     FileVersion:     SYSCORE.20.6.0.142
41f8.53c:     PrivateBuild:    SYSCORE.20.6.0.142
41f8.53c:     FileDescription: McAfee Personal Firewall IDS Plugin
41f8.53c: \SystemRoot\System32\drivers\mfeavfk.sys:
41f8.53c:     CreationTime:    2020-01-16T02:13:34.000000000Z
41f8.53c:     LastWriteTime:   2020-06-09T05:21:28.000000000Z
41f8.53c:     ChangeTime:      2020-10-10T16:02:20.249708600Z
41f8.53c:     FileAttributes:  0x20
41f8.53c:     Size:            0x5d5b8
41f8.53c:     NT Headers:      0xe8
41f8.53c:     Timestamp:       0x5ed00921
41f8.53c:     Machine:         0x8664 - amd64
41f8.53c:     Timestamp:       0x5ed00921
41f8.53c:     Image Version:   0.0
41f8.53c:     SizeOfImage:     0x5e000 (385024)
41f8.53c:     Resource Dir:    0x5c000 LB 0x758
41f8.53c:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
41f8.53c:     [Raw version resource data: 0x5c110 LB 0x334, codepage 0x0 (reserved 0x0)]
41f8.53c:     ProductName:     SYSCORE
41f8.53c:     ProductVersion:  20.6.0.142
41f8.53c:     FileVersion:     SYSCORE.20.6.0.142
41f8.53c:     PrivateBuild:    SYSCORE.20.6.0.142 F15,F16,F19
41f8.53c:     FileDescription: Anti-Virus File System Filter Driver
41f8.53c: \SystemRoot\System32\drivers\mfefirek.sys:
41f8.53c:     CreationTime:    2020-01-16T02:13:34.000000000Z
41f8.53c:     LastWriteTime:   2020-06-09T05:21:26.000000000Z
41f8.53c:     ChangeTime:      2020-10-10T16:02:19.249709500Z
41f8.53c:     FileAttributes:  0x20
41f8.53c:     Size:            0x7f5b8
41f8.53c:     NT Headers:      0xe0
41f8.53c:     Timestamp:       0x5ed00994
41f8.53c:     Machine:         0x8664 - amd64
41f8.53c:     Timestamp:       0x5ed00994
41f8.53c:     Image Version:   0.0
41f8.53c:     SizeOfImage:     0x81000 (528384)
41f8.53c:     Resource Dir:    0x7d000 LB 0x388
41f8.53c:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
41f8.53c:     [Raw version resource data: 0x7d060 LB 0x328, codepage 0x0 (reserved 0x0)]
41f8.53c:     ProductName:     SYSCORE
41f8.53c:     ProductVersion:  20.6.0.142
41f8.53c:     FileVersion:     SYSCORE.20.6.0.142
41f8.53c:     PrivateBuild:    SYSCORE.20.6.0.142 F17,F18
41f8.53c:     FileDescription: McAfee Core Firewall Engine Driver
41f8.53c: \SystemRoot\System32\drivers\mfehidk.sys:
41f8.53c:     CreationTime:    2020-01-16T02:13:34.000000000Z
41f8.53c:     LastWriteTime:   2020-06-09T05:21:26.000000000Z
41f8.53c:     ChangeTime:      2020-10-10T16:02:10.951327000Z
41f8.53c:     FileAttributes:  0x20
41f8.53c:     Size:            0xf59b8
41f8.53c:     NT Headers:      0x108
41f8.53c:     Timestamp:       0x5ed008d6
41f8.53c:     Machine:         0x8664 - amd64
41f8.53c:     Timestamp:       0x5ed008d6
41f8.53c:     Image Version:   0.0
41f8.53c:     SizeOfImage:     0xff000 (1044480)
41f8.53c:     Resource Dir:    0xfb000 LB 0x758
41f8.53c:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
41f8.53c:     [Raw version resource data: 0xfb110 LB 0x320, codepage 0x0 (reserved 0x0)]
41f8.53c:     ProductName:     SYSCORE
41f8.53c:     ProductVersion:  20.6.0.142
41f8.53c:     FileVersion:     SYSCORE.20.6.0.142
41f8.53c:     PrivateBuild:    SYSCORE.20.6.0.142 F14,F15,F16,F18,F20
41f8.53c:     FileDescription: McAfee Link Driver
41f8.53c: \SystemRoot\System32\drivers\mfencbdc.sys:
41f8.53c:     CreationTime:    2020-06-07T18:28:40.000000000Z
41f8.53c:     LastWriteTime:   2020-06-07T18:28:40.000000000Z
41f8.53c:     ChangeTime:      2020-10-10T16:02:52.007548200Z
41f8.53c:     FileAttributes:  0x20
41f8.53c:     Size:            0x917b8
41f8.53c:     NT Headers:      0xe0
41f8.53c:     Timestamp:       0x5ed7c9d8
41f8.53c:     Machine:         0x8664 - amd64
41f8.53c:     Timestamp:       0x5ed7c9d8
41f8.53c:     Image Version:   0.0
41f8.53c:     SizeOfImage:     0x95000 (610304)
41f8.53c:     Resource Dir:    0x93000 LB 0x458
41f8.53c:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
41f8.53c:     [Raw version resource data: 0x93060 LB 0x3f4, codepage 0x0 (reserved 0x0)]
41f8.53c:     ProductName:     Anti-Malware Core
41f8.53c:     ProductVersion:  20.6.0          
41f8.53c:     FileVersion:     Anti-Malware Core.20.6.0.189.x64
41f8.53c:     PrivateBuild:    Anti-Malware Core.20.6.0.189.x64
41f8.53c:     FileDescription: Event Driver
41f8.53c: \SystemRoot\System32\drivers\mfewfpk.sys:
41f8.53c:     CreationTime:    2020-01-16T02:13:34.000000000Z
41f8.53c:     LastWriteTime:   2020-06-09T05:21:28.000000000Z
41f8.53c:     ChangeTime:      2020-10-10T16:01:10.442385300Z
41f8.53c:     FileAttributes:  0x20
41f8.53c:     Size:            0x3d9b8
41f8.53c:     NT Headers:      0xf0
41f8.53c:     Timestamp:       0x5ed008e8
41f8.53c:     Machine:         0x8664 - amd64
41f8.53c:     Timestamp:       0x5ed008e8
41f8.53c:     Image Version:   0.0
41f8.53c:     SizeOfImage:     0x59000 (364544)
41f8.53c:     Resource Dir:    0x57000 LB 0x380
41f8.53c:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
41f8.53c:     [Raw version resource data: 0x57060 LB 0x320, codepage 0x0 (reserved 0x0)]
41f8.53c:     ProductName:     SYSCORE
41f8.53c:     ProductVersion:  20.6.0.142
41f8.53c:     FileVersion:     SYSCORE.20.6.0.142
41f8.53c:     PrivateBuild:    SYSCORE.20.6.0.142 F17,F18
41f8.53c:     FileDescription: Anti-Virus Mini-Firewall Driver
41f8.53c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\virtualbox'
41f8.53c: Calling main()
41f8.53c: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
41f8.53c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\virtualbox'
41f8.53c: SUPR3HardenedMain: Respawn #1
41f8.53c: System32:  \Device\HarddiskVolume3\Windows\System32
41f8.53c: WinSxS:    \Device\HarddiskVolume3\Windows\WinSxS
41f8.53c: KnownDllPath: C:\Windows\System32
41f8.53c: supR3HardenedWinInit: Performing a limited self purification...
41f8.53c: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
41f8.53c:  *0000000000000000-00000000001fffff 0x0001/0x0000 0x0000000
41f8.53c:  *0000000000200000-0000000000237fff 0x0000/0x0004 0x0020000
41f8.53c:   0000000000238000-000000000023afff 0x0004/0x0004 0x0020000
41f8.53c:   000000000023b000-00000000003fffff 0x0000/0x0004 0x0020000
41f8.53c:  *0000000000400000-000000000040ffff 0x0004/0x0004 0x0040000
41f8.53c:   0000000000410000-000000000041ffff 0x0001/0x0000 0x0000000
41f8.53c:  *0000000000420000-000000000043cfff 0x0002/0x0002 0x0040000
41f8.53c:   000000000043d000-000000000043ffff 0x0001/0x0000 0x0000000
41f8.53c:  *0000000000440000-00000000004f0fff 0x0000/0x0004 0x0020000
41f8.53c:   00000000004f1000-00000000004f3fff 0x0104/0x0004 0x0020000
41f8.53c:   00000000004f4000-000000000053ffff 0x0004/0x0004 0x0020000
41f8.53c:  *0000000000540000-0000000000543fff 0x0002/0x0002 0x0040000
41f8.53c:   0000000000544000-000000000054ffff 0x0001/0x0000 0x0000000
41f8.53c:  *0000000000550000-0000000000551fff 0x0004/0x0004 0x0020000
41f8.53c:   0000000000552000-000000000055ffff 0x0001/0x0000 0x0000000
41f8.53c:  *0000000000560000-0000000000561fff 0x0004/0x0004 0x0020000
41f8.53c:   0000000000562000-0000000000591fff 0x0000/0x0004 0x0020000
41f8.53c:   0000000000592000-00000000005bffff 0x0001/0x0000 0x0000000
41f8.53c:  *00000000005c0000-00000000005c4fff 0x0004/0x0004 0x0020000
41f8.53c:   00000000005c5000-00000000006bffff 0x0000/0x0004 0x0020000
41f8.53c:  *00000000006c0000-0000000000788fff 0x0002/0x0002 0x0040000
41f8.53c:   0000000000789000-000000000083ffff 0x0001/0x0000 0x0000000
41f8.53c:  *0000000000840000-000000000084efff 0x0004/0x0004 0x0020000
41f8.53c:   000000000084f000-000000000084ffff 0x0000/0x0004 0x0020000
41f8.53c:  *0000000000850000-0000000000859fff 0x0000/0x0004 0x0020000
41f8.53c:   000000000085a000-0000000000a50fff 0x0004/0x0004 0x0020000
41f8.53c:   0000000000a51000-0000000000a51fff 0x0000/0x0004 0x0020000
41f8.53c:   0000000000a52000-0000000000a5ffff 0x0001/0x0000 0x0000000
41f8.53c:  *0000000000a60000-0000000000a7cfff 0x0004/0x0004 0x0020000
41f8.53c:   0000000000a7d000-0000000000b5ffff 0x0000/0x0004 0x0020000
41f8.53c:   0000000000b60000-000000007ffdffff 0x0001/0x0000 0x0000000
41f8.53c:  *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
41f8.53c:   000000007ffe1000-000000007ffe6fff 0x0001/0x0000 0x0000000
41f8.53c:  *000000007ffe7000-000000007ffe7fff 0x0002/0x0002 0x0020000
41f8.53c:   000000007ffe8000-00007ff4548cffff 0x0001/0x0000 0x0000000
41f8.53c:  *00007ff4548d0000-00007ff4548d4fff 0x0002/0x0002 0x0040000
41f8.53c:   00007ff4548d5000-00007ff4549cffff 0x0000/0x0002 0x0040000
41f8.53c:  *00007ff4549d0000-00007ff5549effff 0x0000/0x0004 0x0020000
41f8.53c:  *00007ff5549f0000-00007ff5569effff 0x0000/0x0004 0x0020000
41f8.53c:   00007ff5569f0000-00007ff5569f0fff 0x0004/0x0004 0x0020000
41f8.53c:   00007ff5569f1000-00007ff5569fffff 0x0001/0x0000 0x0000000
41f8.53c:  *00007ff556a00000-00007ff556a00fff 0x0002/0x0002 0x0040000
41f8.53c:   00007ff556a01000-00007ff556a0ffff 0x0001/0x0000 0x0000000
41f8.53c:  *00007ff556a10000-00007ff556a32fff 0x0002/0x0002 0x0040000
41f8.53c:   00007ff556a33000-00007ff655a1ffff 0x0001/0x0000 0x0000000
41f8.53c:  *00007ff655a20000-00007ff655a20fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655a21000-00007ff655a96fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655a97000-00007ff655a97fff 0x0080/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655a98000-00007ff655adffff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655ae0000-00007ff655ae2fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655ae3000-00007ff655ae5fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655ae6000-00007ff655ae8fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655ae9000-00007ff655ae9fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655aea000-00007ff655aebfff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655aec000-00007ff655aecfff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655aed000-00007ff655b35fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655b36000-00007ffaa9a7ffff 0x0001/0x0000 0x0000000
41f8.53c:  *00007ffaa9a80000-00007ffaa9a80fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
41f8.53c:   00007ffaa9a81000-00007ffaa9b91fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
41f8.53c:   00007ffaa9b92000-00007ffaa9d09fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
41f8.53c:   00007ffaa9d0a000-00007ffaa9d0dfff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
41f8.53c:   00007ffaa9d0e000-00007ffaa9d0efff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
41f8.53c:   00007ffaa9d0f000-00007ffaa9d47fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
41f8.53c:   00007ffaa9d48000-00007ffaaab7ffff 0x0001/0x0000 0x0000000
41f8.53c:  *00007ffaaab80000-00007ffaaab80fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\kernel32.dll
41f8.53c:   00007ffaaab81000-00007ffaaabfefff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\kernel32.dll
41f8.53c:   00007ffaaabff000-00007ffaaac31fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\kernel32.dll
41f8.53c:   00007ffaaac32000-00007ffaaac32fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\kernel32.dll
41f8.53c:   00007ffaaac33000-00007ffaaac33fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\kernel32.dll
41f8.53c:   00007ffaaac34000-00007ffaaac3cfff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\kernel32.dll
41f8.53c:   00007ffaaac3d000-00007ffaabfaffff 0x0001/0x0000 0x0000000
41f8.53c:  *00007ffaabfb0000-00007ffaabfb0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaabfb1000-00007ffaac0cbfff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaac0cc000-00007ffaac114fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaac115000-00007ffaac115fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaac116000-00007ffaac117fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaac118000-00007ffaac120fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaac121000-00007ffaac1a5fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaac1a6000-00007ffffffeffff 0x0001/0x0000 0x0000000
41f8.53c: kernel32.dll: timestamp 0x2f7cc9b6 (rc=VINF_SUCCESS)
41f8.53c: kernelbase.dll: timestamp 0x1183946c (rc=VINF_SUCCESS)
41f8.53c: VirtualBoxVM.exe: timestamp 0x5f51ed66 (rc=VINF_SUCCESS)
41f8.53c: '\Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe' has no imports
41f8.53c: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
41f8.53c: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
41f8.53c: '\Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe' has no imports
41f8.53c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe)
41f8.53c: supR3HardNtEnableThreadCreationEx:
41f8.53c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffaac024750 pvNtTerminateThread=00007ffaac04c7e0
41f8.53c: supR3HardenedWinDoReSpawn(1): New child 2144.38f4 [kernel32].
41f8.53c: supR3HardNtChildGatherData: PebBaseAddress=0000000000516000 cbPeb=0x388
41f8.53c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffaabfb0000 uNtDllChildAddr=00007ffaabfb0000
41f8.53c: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffaac024750
41f8.53c: supR3HardenedWinSetupChildInit: Initial context:
  rax=0000000000000000 rbx=0000000000000000 rcx=00007ff655a27900 rdx=0000000000516000
  rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
  r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
  r14=0000000000000000 r15=0000000000000000  P1=0000000000000000  P2=0000000000000000
  rip=00007ffaabffcea0 rsp=000000000035fc68 rbp=0000000000000000    ctxflags=0010001b
  cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000    eflags=00000200   mxcrx=00001f80
   P3=0000000000000000  P4=0000000000000000  P5=0000000000000000  P6=0000000000000000
  dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
  dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
  lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
41f8.53c: supR3HardenedWinSetupChildInit: Start child.
41f8.53c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
41f8.53c: supR3HardNtChildPurify: Startup delay kludge #1/0: 524 ms, 33 sleeps
41f8.53c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
41f8.53c:  *0000000000000000-000000000021ffff 0x0001/0x0000 0x0000000
41f8.53c:  *0000000000220000-000000000023ffff 0x0004/0x0004 0x0020000
41f8.53c:  *0000000000240000-000000000025cfff 0x0002/0x0002 0x0040000
41f8.53c:   000000000025d000-000000000025ffff 0x0001/0x0000 0x0000000
41f8.53c:  *0000000000260000-000000000035afff 0x0000/0x0004 0x0020000
41f8.53c:   000000000035b000-000000000035dfff 0x0104/0x0004 0x0020000
41f8.53c:   000000000035e000-000000000035ffff 0x0004/0x0004 0x0020000
41f8.53c:  *0000000000360000-0000000000363fff 0x0002/0x0002 0x0040000
41f8.53c:   0000000000364000-000000000036ffff 0x0001/0x0000 0x0000000
41f8.53c:  *0000000000370000-0000000000371fff 0x0004/0x0004 0x0020000
41f8.53c:   0000000000372000-00000000003fffff 0x0001/0x0000 0x0000000
41f8.53c:  *0000000000400000-0000000000515fff 0x0000/0x0004 0x0020000
41f8.53c:   0000000000516000-0000000000518fff 0x0004/0x0004 0x0020000
41f8.53c:   0000000000519000-00000000005fffff 0x0000/0x0004 0x0020000
41f8.53c:   0000000000600000-000000007ffdffff 0x0001/0x0000 0x0000000
41f8.53c:  *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
41f8.53c:   000000007ffe1000-000000007ffe6fff 0x0001/0x0000 0x0000000
41f8.53c:  *000000007ffe7000-000000007ffe7fff 0x0002/0x0002 0x0020000
41f8.53c:   000000007ffe8000-00007ff5bf6fffff 0x0001/0x0000 0x0000000
41f8.53c:  *00007ff5bf700000-00007ff5bf700fff 0x0002/0x0002 0x0040000
41f8.53c:   00007ff5bf701000-00007ff5bf70ffff 0x0001/0x0000 0x0000000
41f8.53c:  *00007ff5bf710000-00007ff5bf732fff 0x0002/0x0002 0x0040000
41f8.53c:   00007ff5bf733000-00007ff655a1ffff 0x0001/0x0000 0x0000000
41f8.53c:  *00007ff655a20000-00007ff655a20fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655a21000-00007ff655a96fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655a97000-00007ff655a97fff 0x0080/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655a98000-00007ff655adffff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655ae0000-00007ff655ae0fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655ae1000-00007ff655ae1fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655ae2000-00007ff655ae6fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655ae7000-00007ff655ae7fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655ae8000-00007ff655ae8fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655ae9000-00007ff655aecfff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655aed000-00007ff655b35fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
41f8.53c:   00007ff655b36000-00007ffaabfaffff 0x0001/0x0000 0x0000000
41f8.53c:  *00007ffaabfb0000-00007ffaabfb0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaabfb1000-00007ffaac0cbfff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaac0cc000-00007ffaac114fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaac115000-00007ffaac120fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaac121000-00007ffaac12ffff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaac130000-00007ffaac130fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaac131000-00007ffaac133fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaac134000-00007ffaac1a5fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
41f8.53c:   00007ffaac1a6000-00007ffffffeffff 0x0001/0x0000 0x0000000
41f8.53c: supR3HardNtChildPurify: Done after 524 ms and 0 fixes (loop #0).
2144.38f4: Log file opened: 6.1.14r140239 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa04a6100
2144.38f4: supR3HardenedVmProcessInit: uNtDllAddr=00007ffaabfb0000 g_uNtVerCombined=0xa04a6100 (stack ~000000000035f6f8)
2144.38f4: ntdll.dll: timestamp 0x5b56177b (rc=VINF_SUCCESS)
2144.38f4: New simple heap: #1 0000000000700000 LB 0x400000 (for 2056192 allocation)
41f8.53c: supR3HardNtEnableThreadCreationEx:
2144.38f4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\virtualbox'
2144.38f4: System32:  \Device\HarddiskVolume3\Windows\System32
2144.38f4: WinSxS:    \Device\HarddiskVolume3\Windows\WinSxS
2144.38f4: KnownDllPath: C:\Windows\System32
2144.38f4: supR3HardenedVmProcessInit: Opening vboxdrv stub...
2144.38f4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
2144.38f4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
2144.38f4: Registered Dll notification callback with NTDLL.
2144.38f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
2144.38f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
2144.38f4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
2144.38f4: supR3HardenedDllNotificationCallback: load   00007ffaa9a80000 LB 0x002c8000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0]
2144.38f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
2144.38f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
2144.38f4: supR3HardenedDllNotificationCallback: load   00007ffaaab80000 LB 0x000bd000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0]
2144.38f4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2144.38f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaab80000 'C:\Windows\System32\KERNEL32.DLL'
2144.38f4: supR3HardenedDllNotificationCallback: load   00007ff655a20000 LB 0x00116000 F:\virtualbox\VirtualBoxVM.exe [fFlags=0x0]
2144.38f4: '\Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe' has no imports
2144.38f4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe)
2144.38f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
2144.38f4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffaac024750 pvNtTerminateThread=00007ffaac04c7e0
41f8.53c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 79 ms.
2144.38f4: \SystemRoot\System32\ntdll.dll:
2144.38f4:     CreationTime:    2020-10-16T14:29:16.471334100Z
2144.38f4:     LastWriteTime:   2020-10-16T14:29:16.554461600Z
2144.38f4:     ChangeTime:      2020-10-16T16:42:14.822277800Z
2144.38f4:     FileAttributes:  0x20
2144.38f4:     Size:            0x1ee338
2144.38f4:     NT Headers:      0xe8
2144.38f4:     Timestamp:       0x5b56177b
2144.38f4:     Machine:         0x8664 - amd64
2144.38f4:     Timestamp:       0x5b56177b
2144.38f4:     Image Version:   10.0
2144.38f4:     SizeOfImage:     0x1f6000 (2056192)
2144.38f4:     Resource Dir:    0x185000 LB 0x6fd28
2144.38f4:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
2144.38f4:     [Raw version resource data: 0x1850f0 LB 0x380, codepage 0x0 (reserved 0x0)]
2144.38f4:     ProductName:     Microsoft® Windows® Operating System
2144.38f4:     ProductVersion:  10.0.19041.546
2144.38f4:     FileVersion:     10.0.19041.546 (WinBuild.160101.0800)
2144.38f4:     FileDescription: NT Layer DLL
2144.38f4: \SystemRoot\System32\kernel32.dll:
2144.38f4:     CreationTime:    2020-10-16T14:27:33.731376800Z
2144.38f4:     LastWriteTime:   2020-10-16T14:27:33.794638400Z
2144.38f4:     ChangeTime:      2020-10-16T16:41:28.031858600Z
2144.38f4:     FileAttributes:  0x20
2144.38f4:     Size:            0xbac30
2144.38f4:     NT Headers:      0xe8
2144.38f4:     Timestamp:       0x2f7cc9b6
2144.38f4:     Machine:         0x8664 - amd64
2144.38f4:     Timestamp:       0x2f7cc9b6
2144.38f4:     Image Version:   10.0
2144.38f4:     SizeOfImage:     0xbd000 (774144)
2144.38f4:     Resource Dir:    0xbb000 LB 0x520
2144.38f4:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
2144.38f4:     [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
2144.38f4:     ProductName:     Microsoft® Windows® Operating System
2144.38f4:     ProductVersion:  10.0.19041.546
2144.38f4:     FileVersion:     10.0.19041.546 (WinBuild.160101.0800)
2144.38f4:     FileDescription: Windows NT BASE API Client DLL
2144.38f4: \SystemRoot\System32\KernelBase.dll:
2144.38f4:     CreationTime:    2020-10-16T14:29:23.002324100Z
2144.38f4:     LastWriteTime:   2020-10-16T14:29:23.180425500Z
2144.38f4:     ChangeTime:      2020-10-16T16:42:05.853240600Z
2144.38f4:     FileAttributes:  0x20
2144.38f4:     Size:            0x2c8f70
2144.38f4:     NT Headers:      0xf0
2144.38f4:     Timestamp:       0x1183946c
2144.38f4:     Machine:         0x8664 - amd64
2144.38f4:     Timestamp:       0x1183946c
2144.38f4:     Image Version:   10.0
2144.38f4:     SizeOfImage:     0x2c8000 (2916352)
2144.38f4:     Resource Dir:    0x29f000 LB 0x548
2144.38f4:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
2144.38f4:     [Raw version resource data: 0x29f0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
2144.38f4:     ProductName:     Microsoft® Windows® Operating System
2144.38f4:     ProductVersion:  10.0.19041.572
2144.38f4:     FileVersion:     10.0.19041.572 (WinBuild.160101.0800)
2144.38f4:     FileDescription: Windows NT BASE API Client DLL
2144.38f4: \SystemRoot\System32\apisetschema.dll:
2144.38f4:     CreationTime:    2019-12-07T09:08:13.518339400Z
2144.38f4:     LastWriteTime:   2019-12-07T09:08:13.518339400Z
2144.38f4:     ChangeTime:      2020-10-16T14:36:31.648132800Z
2144.38f4:     FileAttributes:  0x20
2144.38f4:     Size:            0x1f538
2144.38f4:     NT Headers:      0xd0
2144.38f4:     Timestamp:       0x31288ce0
2144.38f4:     Machine:         0x8664 - amd64
2144.38f4:     Timestamp:       0x31288ce0
2144.38f4:     Image Version:   10.0
2144.38f4:     SizeOfImage:     0x20000 (131072)
2144.38f4:     Resource Dir:    0x1f000 LB 0x408
2144.38f4:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
2144.38f4:     [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
2144.38f4:     ProductName:     Microsoft® Windows® Operating System
2144.38f4:     ProductVersion:  10.0.19041.1
2144.38f4:     FileVersion:     10.0.19041.1 (WinBuild.160101.0800)
2144.38f4:     FileDescription: ApiSet Schema DLL
2144.38f4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
2144.38f4: supR3HardenedWinFindAdversaries: 0x20
2144.38f4: \SystemRoot\System32\drivers\cfwids.sys:
2144.38f4:     CreationTime:    2020-01-16T02:13:34.000000000Z
2144.38f4:     LastWriteTime:   2020-06-09T05:21:26.000000000Z
2144.38f4:     ChangeTime:      2020-10-10T16:02:20.624671800Z
2144.38f4:     FileAttributes:  0x20
2144.38f4:     Size:            0x127b8
2144.38f4:     NT Headers:      0xf0
2144.38f4:     Timestamp:       0x5ed009c1
2144.38f4:     Machine:         0x8664 - amd64
2144.38f4:     Timestamp:       0x5ed009c1
2144.38f4:     Image Version:   0.0
2144.38f4:     SizeOfImage:     0x14000 (81920)
2144.38f4:     Resource Dir:    0x12000 LB 0x550
2144.38f4:     [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)]
2144.38f4:     [Raw version resource data: 0x120a0 LB 0x318, codepage 0x0 (reserved 0x0)]
2144.38f4:     ProductName:     SYSCORE
2144.38f4:     ProductVersion:  20.6.0.142
2144.38f4:     FileVersion:     SYSCORE.20.6.0.142
2144.38f4:     PrivateBuild:    SYSCORE.20.6.0.142
2144.38f4:     FileDescription: McAfee Personal Firewall IDS Plugin
2144.38f4: \SystemRoot\System32\drivers\mfeavfk.sys:
2144.38f4:     CreationTime:    2020-01-16T02:13:34.000000000Z
2144.38f4:     LastWriteTime:   2020-06-09T05:21:28.000000000Z
2144.38f4:     ChangeTime:      2020-10-10T16:02:20.249708600Z
2144.38f4:     FileAttributes:  0x20
2144.38f4:     Size:            0x5d5b8
2144.38f4:     NT Headers:      0xe8
2144.38f4:     Timestamp:       0x5ed00921
2144.38f4:     Machine:         0x8664 - amd64
2144.38f4:     Timestamp:       0x5ed00921
2144.38f4:     Image Version:   0.0
2144.38f4:     SizeOfImage:     0x5e000 (385024)
2144.38f4:     Resource Dir:    0x5c000 LB 0x758
2144.38f4:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
2144.38f4:     [Raw version resource data: 0x5c110 LB 0x334, codepage 0x0 (reserved 0x0)]
2144.38f4:     ProductName:     SYSCORE
2144.38f4:     ProductVersion:  20.6.0.142
2144.38f4:     FileVersion:     SYSCORE.20.6.0.142
2144.38f4:     PrivateBuild:    SYSCORE.20.6.0.142 F15,F16,F19
2144.38f4:     FileDescription: Anti-Virus File System Filter Driver
2144.38f4: \SystemRoot\System32\drivers\mfefirek.sys:
2144.38f4:     CreationTime:    2020-01-16T02:13:34.000000000Z
2144.38f4:     LastWriteTime:   2020-06-09T05:21:26.000000000Z
2144.38f4:     ChangeTime:      2020-10-10T16:02:19.249709500Z
2144.38f4:     FileAttributes:  0x20
2144.38f4:     Size:            0x7f5b8
2144.38f4:     NT Headers:      0xe0
2144.38f4:     Timestamp:       0x5ed00994
2144.38f4:     Machine:         0x8664 - amd64
2144.38f4:     Timestamp:       0x5ed00994
2144.38f4:     Image Version:   0.0
2144.38f4:     SizeOfImage:     0x81000 (528384)
2144.38f4:     Resource Dir:    0x7d000 LB 0x388
2144.38f4:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
2144.38f4:     [Raw version resource data: 0x7d060 LB 0x328, codepage 0x0 (reserved 0x0)]
2144.38f4:     ProductName:     SYSCORE
2144.38f4:     ProductVersion:  20.6.0.142
2144.38f4:     FileVersion:     SYSCORE.20.6.0.142
2144.38f4:     PrivateBuild:    SYSCORE.20.6.0.142 F17,F18
2144.38f4:     FileDescription: McAfee Core Firewall Engine Driver
2144.38f4: \SystemRoot\System32\drivers\mfehidk.sys:
2144.38f4:     CreationTime:    2020-01-16T02:13:34.000000000Z
2144.38f4:     LastWriteTime:   2020-06-09T05:21:26.000000000Z
2144.38f4:     ChangeTime:      2020-10-10T16:02:10.951327000Z
2144.38f4:     FileAttributes:  0x20
2144.38f4:     Size:            0xf59b8
2144.38f4:     NT Headers:      0x108
2144.38f4:     Timestamp:       0x5ed008d6
2144.38f4:     Machine:         0x8664 - amd64
2144.38f4:     Timestamp:       0x5ed008d6
2144.38f4:     Image Version:   0.0
2144.38f4:     SizeOfImage:     0xff000 (1044480)
2144.38f4:     Resource Dir:    0xfb000 LB 0x758
2144.38f4:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
2144.38f4:     [Raw version resource data: 0xfb110 LB 0x320, codepage 0x0 (reserved 0x0)]
2144.38f4:     ProductName:     SYSCORE
2144.38f4:     ProductVersion:  20.6.0.142
2144.38f4:     FileVersion:     SYSCORE.20.6.0.142
2144.38f4:     PrivateBuild:    SYSCORE.20.6.0.142 F14,F15,F16,F18,F20
2144.38f4:     FileDescription: McAfee Link Driver
2144.38f4: \SystemRoot\System32\drivers\mfencbdc.sys:
2144.38f4:     CreationTime:    2020-06-07T18:28:40.000000000Z
2144.38f4:     LastWriteTime:   2020-06-07T18:28:40.000000000Z
2144.38f4:     ChangeTime:      2020-10-10T16:02:52.007548200Z
2144.38f4:     FileAttributes:  0x20
2144.38f4:     Size:            0x917b8
2144.38f4:     NT Headers:      0xe0
2144.38f4:     Timestamp:       0x5ed7c9d8
2144.38f4:     Machine:         0x8664 - amd64
2144.38f4:     Timestamp:       0x5ed7c9d8
2144.38f4:     Image Version:   0.0
2144.38f4:     SizeOfImage:     0x95000 (610304)
2144.38f4:     Resource Dir:    0x93000 LB 0x458
2144.38f4:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
2144.38f4:     [Raw version resource data: 0x93060 LB 0x3f4, codepage 0x0 (reserved 0x0)]
2144.38f4:     ProductName:     Anti-Malware Core
2144.38f4:     ProductVersion:  20.6.0          
2144.38f4:     FileVersion:     Anti-Malware Core.20.6.0.189.x64
2144.38f4:     PrivateBuild:    Anti-Malware Core.20.6.0.189.x64
2144.38f4:     FileDescription: Event Driver
2144.38f4: \SystemRoot\System32\drivers\mfewfpk.sys:
2144.38f4:     CreationTime:    2020-01-16T02:13:34.000000000Z
2144.38f4:     LastWriteTime:   2020-06-09T05:21:28.000000000Z
2144.38f4:     ChangeTime:      2020-10-10T16:01:10.442385300Z
2144.38f4:     FileAttributes:  0x20
2144.38f4:     Size:            0x3d9b8
2144.38f4:     NT Headers:      0xf0
2144.38f4:     Timestamp:       0x5ed008e8
2144.38f4:     Machine:         0x8664 - amd64
2144.38f4:     Timestamp:       0x5ed008e8
2144.38f4:     Image Version:   0.0
2144.38f4:     SizeOfImage:     0x59000 (364544)
2144.38f4:     Resource Dir:    0x57000 LB 0x380
2144.38f4:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
2144.38f4:     [Raw version resource data: 0x57060 LB 0x320, codepage 0x0 (reserved 0x0)]
2144.38f4:     ProductName:     SYSCORE
2144.38f4:     ProductVersion:  20.6.0.142
2144.38f4:     FileVersion:     SYSCORE.20.6.0.142
2144.38f4:     PrivateBuild:    SYSCORE.20.6.0.142 F17,F18
2144.38f4:     FileDescription: Anti-Virus Mini-Firewall Driver
2144.38f4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\virtualbox'
2144.38f4: Calling main()
2144.38f4: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
2144.38f4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\virtualbox'
2144.38f4: '\Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe' has no imports
2144.38f4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe)
2144.38f4: SUPR3HardenedMain: Respawn #2
2144.38f4: supR3HardNtEnableThreadCreationEx:
2144.38f4: supR3HardenedDllNotificationCallback: load   00007ffaaa190000 LB 0x00124000 C:\Windows\System32\RPCRT4.dll [fFlags=0x0]
2144.38f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
2144.38f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
2144.38f4: supR3HardenedDllNotificationCallback: load   00007ffaaa0f0000 LB 0x0009b000 C:\Windows\System32\sechost.dll [fFlags=0x0]
2144.38f4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
2144.38f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
2144.38f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
2144.38f4: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
2144.38f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll)
2144.38f4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2144.38f4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2144.38f4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2144.38f4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
2144.38f4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2144.38f4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaabfb0000 'C:\Windows\System32\ntdll.dll'
2144.38f4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffaac024750 pvNtTerminateThread=00007ffaac04c7e0
2144.38f4: supR3HardenedWinDoReSpawn(2): New child 4074.33d4 [kernel32].
2144.38f4: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
2144.38f4: supR3HardNtChildGatherData: PebBaseAddress=0000000000434000 cbPeb=0x388
2144.38f4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffaabfb0000 uNtDllChildAddr=00007ffaabfb0000
2144.38f4: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffaac024750
2144.38f4: supR3HardenedWinSetupChildInit: Initial context:
  rax=0000000000000000 rbx=0000000000000000 rcx=00007ff655a27900 rdx=0000000000434000
  rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
  r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
  r14=0000000000000000 r15=0000000000000000  P1=0000000000000000  P2=0000000000000000
  rip=00007ffaabffcea0 rsp=00000000003dfc18 rbp=0000000000000000    ctxflags=0010001b
  cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000    eflags=00000200   mxcrx=00001f80
   P3=0000000000000000  P4=0000000000000000  P5=0000000000000000  P6=0000000000000000
  dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
  dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
  lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
2144.38f4: kernel32.dll: timestamp 0x2f7cc9b6 (rc=VINF_SUCCESS)
2144.38f4: supR3HardenedWinSetupChildInit: Start child.
2144.38f4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
2144.38f4: supR3HardNtChildPurify: Startup delay kludge #1/0: 526 ms, 34 sleeps
2144.38f4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2144.38f4:  *0000000000000000-000000000029ffff 0x0001/0x0000 0x0000000
2144.38f4:  *00000000002a0000-00000000002bffff 0x0004/0x0004 0x0020000
2144.38f4:  *00000000002c0000-00000000002dcfff 0x0002/0x0002 0x0040000
2144.38f4:   00000000002dd000-00000000002dffff 0x0001/0x0000 0x0000000
2144.38f4:  *00000000002e0000-00000000003dafff 0x0000/0x0004 0x0020000
2144.38f4:   00000000003db000-00000000003ddfff 0x0104/0x0004 0x0020000
2144.38f4:   00000000003de000-00000000003dffff 0x0004/0x0004 0x0020000
2144.38f4:  *00000000003e0000-00000000003e3fff 0x0002/0x0002 0x0040000
2144.38f4:   00000000003e4000-00000000003effff 0x0001/0x0000 0x0000000
2144.38f4:  *00000000003f0000-00000000003f1fff 0x0004/0x0004 0x0020000
2144.38f4:   00000000003f2000-00000000003fffff 0x0001/0x0000 0x0000000
2144.38f4:  *0000000000400000-0000000000433fff 0x0000/0x0004 0x0020000
2144.38f4:   0000000000434000-0000000000436fff 0x0004/0x0004 0x0020000
2144.38f4:   0000000000437000-00000000005fffff 0x0000/0x0004 0x0020000
2144.38f4:   0000000000600000-000000007ffdffff 0x0001/0x0000 0x0000000
2144.38f4:  *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
2144.38f4:   000000007ffe1000-000000007ffe6fff 0x0001/0x0000 0x0000000
2144.38f4:  *000000007ffe7000-000000007ffe7fff 0x0002/0x0002 0x0020000
2144.38f4:   000000007ffe8000-00007ff58d84ffff 0x0001/0x0000 0x0000000
2144.38f4:  *00007ff58d850000-00007ff58d850fff 0x0002/0x0002 0x0040000
2144.38f4:   00007ff58d851000-00007ff58d85ffff 0x0001/0x0000 0x0000000
2144.38f4:  *00007ff58d860000-00007ff58d882fff 0x0002/0x0002 0x0040000
2144.38f4:   00007ff58d883000-00007ff655a1ffff 0x0001/0x0000 0x0000000
2144.38f4:  *00007ff655a20000-00007ff655a20fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
2144.38f4:   00007ff655a21000-00007ff655a96fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
2144.38f4:   00007ff655a97000-00007ff655a97fff 0x0080/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
2144.38f4:   00007ff655a98000-00007ff655adffff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
2144.38f4:   00007ff655ae0000-00007ff655ae0fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
2144.38f4:   00007ff655ae1000-00007ff655ae1fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
2144.38f4:   00007ff655ae2000-00007ff655ae6fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
2144.38f4:   00007ff655ae7000-00007ff655ae7fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
2144.38f4:   00007ff655ae8000-00007ff655ae8fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
2144.38f4:   00007ff655ae9000-00007ff655aecfff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
2144.38f4:   00007ff655aed000-00007ff655b35fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
2144.38f4:   00007ff655b36000-00007ffaabfaffff 0x0001/0x0000 0x0000000
2144.38f4:  *00007ffaabfb0000-00007ffaabfb0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2144.38f4:   00007ffaabfb1000-00007ffaac0cbfff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2144.38f4:   00007ffaac0cc000-00007ffaac114fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2144.38f4:   00007ffaac115000-00007ffaac120fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2144.38f4:   00007ffaac121000-00007ffaac12ffff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2144.38f4:   00007ffaac130000-00007ffaac130fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2144.38f4:   00007ffaac131000-00007ffaac133fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2144.38f4:   00007ffaac134000-00007ffaac1a5fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2144.38f4:   00007ffaac1a6000-00007ffffffeffff 0x0001/0x0000 0x0000000
2144.38f4: VirtualBoxVM.exe: timestamp 0x5f51ed66 (rc=VINF_SUCCESS)
2144.38f4: '\Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe' has no imports
2144.38f4: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
2144.38f4: supR3HardNtChildPurify: Done after 557 ms and 0 fixes (loop #0).
4074.33d4: Log file opened: 6.1.14r140239 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa04a6100
4074.33d4: supR3HardenedVmProcessInit: uNtDllAddr=00007ffaabfb0000 g_uNtVerCombined=0xa04a6100 (stack ~00000000003df6a8)
4074.33d4: ntdll.dll: timestamp 0x5b56177b (rc=VINF_SUCCESS)
2144.38f4: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000700000 LB 0x400000)
4074.33d4: New simple heap: #1 0000000000700000 LB 0x400000 (for 2056192 allocation)
2144.38f4: supR3HardNtEnableThreadCreationEx:
4074.33d4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\virtualbox'
4074.33d4: System32:  \Device\HarddiskVolume3\Windows\System32
4074.33d4: WinSxS:    \Device\HarddiskVolume3\Windows\WinSxS
4074.33d4: KnownDllPath: C:\Windows\System32
4074.33d4: supR3HardenedVmProcessInit: Opening vboxdrv...
4074.33d4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
4074.33d4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
4074.33d4: Registered Dll notification callback with NTDLL.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa9a80000 LB 0x002c8000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0]
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaaab80000 LB 0x000bd000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaab80000 'C:\Windows\System32\KERNEL32.DLL'
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ff655a20000 LB 0x00116000 F:\virtualbox\VirtualBoxVM.exe [fFlags=0x0]
4074.33d4: '\Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe' has no imports
4074.33d4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe
4074.33d4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffaac024750 pvNtTerminateThread=00007ffaac04c7e0
2144.38f4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 86 ms.
4074.33d4: \SystemRoot\System32\ntdll.dll:
4074.33d4:     CreationTime:    2020-10-16T14:29:16.471334100Z
4074.33d4:     LastWriteTime:   2020-10-16T14:29:16.554461600Z
4074.33d4:     ChangeTime:      2020-10-16T16:42:14.822277800Z
4074.33d4:     FileAttributes:  0x20
4074.33d4:     Size:            0x1ee338
4074.33d4:     NT Headers:      0xe8
4074.33d4:     Timestamp:       0x5b56177b
4074.33d4:     Machine:         0x8664 - amd64
4074.33d4:     Timestamp:       0x5b56177b
4074.33d4:     Image Version:   10.0
4074.33d4:     SizeOfImage:     0x1f6000 (2056192)
4074.33d4:     Resource Dir:    0x185000 LB 0x6fd28
4074.33d4:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
4074.33d4:     [Raw version resource data: 0x1850f0 LB 0x380, codepage 0x0 (reserved 0x0)]
4074.33d4:     ProductName:     Microsoft® Windows® Operating System
4074.33d4:     ProductVersion:  10.0.19041.546
4074.33d4:     FileVersion:     10.0.19041.546 (WinBuild.160101.0800)
4074.33d4:     FileDescription: NT Layer DLL
4074.33d4: \SystemRoot\System32\kernel32.dll:
4074.33d4:     CreationTime:    2020-10-16T14:27:33.731376800Z
4074.33d4:     LastWriteTime:   2020-10-16T14:27:33.794638400Z
4074.33d4:     ChangeTime:      2020-10-16T16:41:28.031858600Z
4074.33d4:     FileAttributes:  0x20
4074.33d4:     Size:            0xbac30
4074.33d4:     NT Headers:      0xe8
4074.33d4:     Timestamp:       0x2f7cc9b6
4074.33d4:     Machine:         0x8664 - amd64
4074.33d4:     Timestamp:       0x2f7cc9b6
4074.33d4:     Image Version:   10.0
4074.33d4:     SizeOfImage:     0xbd000 (774144)
4074.33d4:     Resource Dir:    0xbb000 LB 0x520
4074.33d4:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
4074.33d4:     [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
4074.33d4:     ProductName:     Microsoft® Windows® Operating System
4074.33d4:     ProductVersion:  10.0.19041.546
4074.33d4:     FileVersion:     10.0.19041.546 (WinBuild.160101.0800)
4074.33d4:     FileDescription: Windows NT BASE API Client DLL
4074.33d4: \SystemRoot\System32\KernelBase.dll:
4074.33d4:     CreationTime:    2020-10-16T14:29:23.002324100Z
4074.33d4:     LastWriteTime:   2020-10-16T14:29:23.180425500Z
4074.33d4:     ChangeTime:      2020-10-16T16:42:05.853240600Z
4074.33d4:     FileAttributes:  0x20
4074.33d4:     Size:            0x2c8f70
4074.33d4:     NT Headers:      0xf0
4074.33d4:     Timestamp:       0x1183946c
4074.33d4:     Machine:         0x8664 - amd64
4074.33d4:     Timestamp:       0x1183946c
4074.33d4:     Image Version:   10.0
4074.33d4:     SizeOfImage:     0x2c8000 (2916352)
4074.33d4:     Resource Dir:    0x29f000 LB 0x548
4074.33d4:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
4074.33d4:     [Raw version resource data: 0x29f0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
4074.33d4:     ProductName:     Microsoft® Windows® Operating System
4074.33d4:     ProductVersion:  10.0.19041.572
4074.33d4:     FileVersion:     10.0.19041.572 (WinBuild.160101.0800)
4074.33d4:     FileDescription: Windows NT BASE API Client DLL
4074.33d4: \SystemRoot\System32\apisetschema.dll:
4074.33d4:     CreationTime:    2019-12-07T09:08:13.518339400Z
4074.33d4:     LastWriteTime:   2019-12-07T09:08:13.518339400Z
4074.33d4:     ChangeTime:      2020-10-16T14:36:31.648132800Z
4074.33d4:     FileAttributes:  0x20
4074.33d4:     Size:            0x1f538
4074.33d4:     NT Headers:      0xd0
4074.33d4:     Timestamp:       0x31288ce0
4074.33d4:     Machine:         0x8664 - amd64
4074.33d4:     Timestamp:       0x31288ce0
4074.33d4:     Image Version:   10.0
4074.33d4:     SizeOfImage:     0x20000 (131072)
4074.33d4:     Resource Dir:    0x1f000 LB 0x408
4074.33d4:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
4074.33d4:     [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
4074.33d4:     ProductName:     Microsoft® Windows® Operating System
4074.33d4:     ProductVersion:  10.0.19041.1
4074.33d4:     FileVersion:     10.0.19041.1 (WinBuild.160101.0800)
4074.33d4:     FileDescription: ApiSet Schema DLL
4074.33d4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
4074.33d4: supR3HardenedWinFindAdversaries: 0x20
4074.33d4: \SystemRoot\System32\drivers\cfwids.sys:
4074.33d4:     CreationTime:    2020-01-16T02:13:34.000000000Z
4074.33d4:     LastWriteTime:   2020-06-09T05:21:26.000000000Z
4074.33d4:     ChangeTime:      2020-10-10T16:02:20.624671800Z
4074.33d4:     FileAttributes:  0x20
4074.33d4:     Size:            0x127b8
4074.33d4:     NT Headers:      0xf0
4074.33d4:     Timestamp:       0x5ed009c1
4074.33d4:     Machine:         0x8664 - amd64
4074.33d4:     Timestamp:       0x5ed009c1
4074.33d4:     Image Version:   0.0
4074.33d4:     SizeOfImage:     0x14000 (81920)
4074.33d4:     Resource Dir:    0x12000 LB 0x550
4074.33d4:     [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)]
4074.33d4:     [Raw version resource data: 0x120a0 LB 0x318, codepage 0x0 (reserved 0x0)]
4074.33d4:     ProductName:     SYSCORE
4074.33d4:     ProductVersion:  20.6.0.142
4074.33d4:     FileVersion:     SYSCORE.20.6.0.142
4074.33d4:     PrivateBuild:    SYSCORE.20.6.0.142
4074.33d4:     FileDescription: McAfee Personal Firewall IDS Plugin
4074.33d4: \SystemRoot\System32\drivers\mfeavfk.sys:
4074.33d4:     CreationTime:    2020-01-16T02:13:34.000000000Z
4074.33d4:     LastWriteTime:   2020-06-09T05:21:28.000000000Z
4074.33d4:     ChangeTime:      2020-10-10T16:02:20.249708600Z
4074.33d4:     FileAttributes:  0x20
4074.33d4:     Size:            0x5d5b8
4074.33d4:     NT Headers:      0xe8
4074.33d4:     Timestamp:       0x5ed00921
4074.33d4:     Machine:         0x8664 - amd64
4074.33d4:     Timestamp:       0x5ed00921
4074.33d4:     Image Version:   0.0
4074.33d4:     SizeOfImage:     0x5e000 (385024)
4074.33d4:     Resource Dir:    0x5c000 LB 0x758
4074.33d4:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
4074.33d4:     [Raw version resource data: 0x5c110 LB 0x334, codepage 0x0 (reserved 0x0)]
4074.33d4:     ProductName:     SYSCORE
4074.33d4:     ProductVersion:  20.6.0.142
4074.33d4:     FileVersion:     SYSCORE.20.6.0.142
4074.33d4:     PrivateBuild:    SYSCORE.20.6.0.142 F15,F16,F19
4074.33d4:     FileDescription: Anti-Virus File System Filter Driver
4074.33d4: \SystemRoot\System32\drivers\mfefirek.sys:
4074.33d4:     CreationTime:    2020-01-16T02:13:34.000000000Z
4074.33d4:     LastWriteTime:   2020-06-09T05:21:26.000000000Z
4074.33d4:     ChangeTime:      2020-10-10T16:02:19.249709500Z
4074.33d4:     FileAttributes:  0x20
4074.33d4:     Size:            0x7f5b8
4074.33d4:     NT Headers:      0xe0
4074.33d4:     Timestamp:       0x5ed00994
4074.33d4:     Machine:         0x8664 - amd64
4074.33d4:     Timestamp:       0x5ed00994
4074.33d4:     Image Version:   0.0
4074.33d4:     SizeOfImage:     0x81000 (528384)
4074.33d4:     Resource Dir:    0x7d000 LB 0x388
4074.33d4:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
4074.33d4:     [Raw version resource data: 0x7d060 LB 0x328, codepage 0x0 (reserved 0x0)]
4074.33d4:     ProductName:     SYSCORE
4074.33d4:     ProductVersion:  20.6.0.142
4074.33d4:     FileVersion:     SYSCORE.20.6.0.142
4074.33d4:     PrivateBuild:    SYSCORE.20.6.0.142 F17,F18
4074.33d4:     FileDescription: McAfee Core Firewall Engine Driver
4074.33d4: \SystemRoot\System32\drivers\mfehidk.sys:
4074.33d4:     CreationTime:    2020-01-16T02:13:34.000000000Z
4074.33d4:     LastWriteTime:   2020-06-09T05:21:26.000000000Z
4074.33d4:     ChangeTime:      2020-10-10T16:02:10.951327000Z
4074.33d4:     FileAttributes:  0x20
4074.33d4:     Size:            0xf59b8
4074.33d4:     NT Headers:      0x108
4074.33d4:     Timestamp:       0x5ed008d6
4074.33d4:     Machine:         0x8664 - amd64
4074.33d4:     Timestamp:       0x5ed008d6
4074.33d4:     Image Version:   0.0
4074.33d4:     SizeOfImage:     0xff000 (1044480)
4074.33d4:     Resource Dir:    0xfb000 LB 0x758
4074.33d4:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
4074.33d4:     [Raw version resource data: 0xfb110 LB 0x320, codepage 0x0 (reserved 0x0)]
4074.33d4:     ProductName:     SYSCORE
4074.33d4:     ProductVersion:  20.6.0.142
4074.33d4:     FileVersion:     SYSCORE.20.6.0.142
4074.33d4:     PrivateBuild:    SYSCORE.20.6.0.142 F14,F15,F16,F18,F20
4074.33d4:     FileDescription: McAfee Link Driver
4074.33d4: \SystemRoot\System32\drivers\mfencbdc.sys:
4074.33d4:     CreationTime:    2020-06-07T18:28:40.000000000Z
4074.33d4:     LastWriteTime:   2020-06-07T18:28:40.000000000Z
4074.33d4:     ChangeTime:      2020-10-10T16:02:52.007548200Z
4074.33d4:     FileAttributes:  0x20
4074.33d4:     Size:            0x917b8
4074.33d4:     NT Headers:      0xe0
4074.33d4:     Timestamp:       0x5ed7c9d8
4074.33d4:     Machine:         0x8664 - amd64
4074.33d4:     Timestamp:       0x5ed7c9d8
4074.33d4:     Image Version:   0.0
4074.33d4:     SizeOfImage:     0x95000 (610304)
4074.33d4:     Resource Dir:    0x93000 LB 0x458
4074.33d4:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
4074.33d4:     [Raw version resource data: 0x93060 LB 0x3f4, codepage 0x0 (reserved 0x0)]
4074.33d4:     ProductName:     Anti-Malware Core
4074.33d4:     ProductVersion:  20.6.0          
4074.33d4:     FileVersion:     Anti-Malware Core.20.6.0.189.x64
4074.33d4:     PrivateBuild:    Anti-Malware Core.20.6.0.189.x64
4074.33d4:     FileDescription: Event Driver
4074.33d4: \SystemRoot\System32\drivers\mfewfpk.sys:
4074.33d4:     CreationTime:    2020-01-16T02:13:34.000000000Z
4074.33d4:     LastWriteTime:   2020-06-09T05:21:28.000000000Z
4074.33d4:     ChangeTime:      2020-10-10T16:01:10.442385300Z
4074.33d4:     FileAttributes:  0x20
4074.33d4:     Size:            0x3d9b8
4074.33d4:     NT Headers:      0xf0
4074.33d4:     Timestamp:       0x5ed008e8
4074.33d4:     Machine:         0x8664 - amd64
4074.33d4:     Timestamp:       0x5ed008e8
4074.33d4:     Image Version:   0.0
4074.33d4:     SizeOfImage:     0x59000 (364544)
4074.33d4:     Resource Dir:    0x57000 LB 0x380
4074.33d4:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
4074.33d4:     [Raw version resource data: 0x57060 LB 0x320, codepage 0x0 (reserved 0x0)]
4074.33d4:     ProductName:     SYSCORE
4074.33d4:     ProductVersion:  20.6.0.142
4074.33d4:     FileVersion:     SYSCORE.20.6.0.142
4074.33d4:     PrivateBuild:    SYSCORE.20.6.0.142 F17,F18
4074.33d4:     FileDescription: Anti-Virus Mini-Firewall Driver
4074.33d4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\virtualbox'
4074.33d4: Calling main()
4074.33d4: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
4074.33d4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\virtualbox'
4074.33d4: '\Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe' has no imports
4074.33d4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe)
4074.33d4: SUPR3HardenedMain: Final process, opening VBoxDrv...
4074.33d4: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000700000 LB 0x400000)
4074.33d4: supR3HardNtEnableThreadCreationEx:
4074.33d4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\virtualbox\VBoxSupLib.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VBoxSupLib.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\VBoxSupLib.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa6420000 LB 0x00005000 F:\virtualbox\VBoxSupLib.DLL [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\VBoxSupLib.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\VBoxSupLib.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa6420000 'F:\virtualbox\VBoxSupLib.DLL'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\VBoxSupLib.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa6420000 'F:\virtualbox\VBoxSupLib.DLL'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa6420000 'F:\virtualbox\VBoxSupLib.DLL'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaab8c0000 LB 0x0009e000 C:\Windows\System32\msvcrt.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaaa190000 LB 0x00124000 C:\Windows\System32\RPCRT4.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa9d80000 LB 0x00060000 C:\Windows\System32\Wintrust.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa9900000 LB 0x00100000 C:\Windows\System32\ucrtbase.dll [fFlags=0x0]
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ucrtbase.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa97a0000 LB 0x0015d000 C:\Windows\System32\CRYPT32.dll [fFlags=0x0]
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-synch-l1-2-0'
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-fibers-l1-1-1'
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-fibers-l1-1-1'
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-synch-l1-2-0'
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-localization-l1-2-1'
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msasn1.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msasn1.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa9350000 LB 0x00012000 C:\Windows\SYSTEM32\MSASN1.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9d80000 'C:\Windows\system32\Wintrust.dll'
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa9d50000 LB 0x00027000 C:\Windows\System32\bcrypt.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9d50000 'C:\Windows\system32\bcrypt.dll'
4074.33d4: bcrypt.dll loaded at 00007ffaa9d50000, BCryptOpenAlgorithmProvider at 00007ffaa9d551e0, preloading providers:
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa9a00000 LB 0x0007f000 C:\Windows\System32\bcryptprimitives.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a00000 'C:\Windows\system32\bcryptprimitives.dll'
4074.33d4:     BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000000000c48700)
4074.33d4:     BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000000c4e160)
4074.33d4:     BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000000c4e480)
4074.33d4:     BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000000c4efb0)
4074.33d4:     BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000000c4f2d0)
4074.33d4:     BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000000c4f5f0)
4074.33d4:     BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000000c4f910)
4074.33d4:     BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000000c4fc30)
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptsp.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptsp.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa9160000 LB 0x00018000 C:\Windows\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rsaenh.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa8770000 LB 0x00034000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa8f40000 LB 0x0000c000 C:\Windows\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaab80000 'C:\Windows\System32\kernel32.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9d80000 'C:\Windows\System32\WINTRUST.DLL'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\CRYPT32.dll'
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaabb20000 LB 0x0001d000 C:\Windows\System32\imagehlp.dll [fFlags=0x0]
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imagehlp.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imagehlp.dll
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaaa0f0000 LB 0x0009b000 C:\Windows\System32\sechost.dll [fFlags=0x0]
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gpapi.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gpapi.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa7c30000 LB 0x00023000 C:\Windows\SYSTEM32\gpapi.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa9630000 LB 0x00026000 C:\Windows\SYSTEM32\profapi.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptnet.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptnet.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa924b0000 LB 0x00031000 C:\Windows\System32\cryptnet.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa924b0000 'C:\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa924b0000 'C:\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa924b0000 'C:\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa924b0000 'C:\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa924b0000 'C:\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa924b0000 'C:\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa924b0000 'C:\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa924b0000 'C:\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa924b0000 'C:\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa924b0000 'C:\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa924b0000 'C:\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa924b0000 'C:\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa924b0000 'C:\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaaa740000 LB 0x000aa000 C:\Windows\System32\advapi32.dll [fFlags=0x0]
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7156C83A907F16145EEEA84ADE6D92E3B0F66BCB
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaa190000 'C:\Windows\System32\rpcrt4.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.19041.572.cat'; file='\SystemRoot\System32\ntdll.dll'
4074.33d4: g_pfnWinVerifyTrust=00007ffaa9d81da0
4074.33d4: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wintrust.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000380 pwszName=\Device\HarddiskVolume3\Windows\System32\cryptnet.dll
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E45ECE98858B46D7A91C9972C8F2F62C2E8A43CC
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.19041.572.cat'; file='\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\profapi.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gpapi.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sechost.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imagehlp.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptbase.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rsaenh.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptsp.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\virtualbox\VBoxSupLib.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\virtualbox\VirtualBoxVM.exe'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\KernelBase.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\system32\crypt32.dll'
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
4074.33d4: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
4074.33d4: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=43
4074.33d4: SUPR3HardenedMain: Load Runtime...
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\VBoxRT.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VBoxRT.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcp100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\msvcp100.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\msvcp100.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.33d4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\virtualbox\msvcr100.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\msvcr100.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\msvcr100.dll) WinVerifyTrust
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxRT.dll
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\msvcr100.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcp100.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   0000000075140000 LB 0x000d2000 F:\virtualbox\MSVCR100.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\msvcr100.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   0000000075350000 LB 0x00098000 F:\virtualbox\MSVCP100.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcp100.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaabc70000 LB 0x0006b000 C:\Windows\System32\WS2_32.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa2c760000 LB 0x005e0000 F:\virtualbox\VBoxRT.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxRT.dll
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxRT.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxRT.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxRT.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxRT.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxRT.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxRT.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxRT.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxRT.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa2c760000 'F:\virtualbox\VBoxRT.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\virtualbox\msvcr100.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9d80000 'C:\Windows\system32\Wintrust.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\system32\crypt32.dll'
4074.33d4: SUPR3HardenedMain: Load TrustedMain...
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\VirtualBoxVM.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
4074.33d4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
4074.33d4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #49 'gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #51 'combase.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'win32u.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
4074.33d4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: '\Device\HarddiskVolume3\Windows\System32\win32u.dll' has no imports
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\win32u.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\win32u.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\Qt5OpenGLVBox.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\Qt5OpenGLVBox.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcr100.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5CoreVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\virtualbox\Qt5CoreVBox.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\Qt5CoreVBox.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5GuiVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\virtualbox\Qt5GuiVBox.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\Qt5GuiVBox.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcr100.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcp100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcp100.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
4074.33d4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #72 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #74 'gdi32.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcr100.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcp100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcp100.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
4074.33d4: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'glu32.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\opengl32.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\opengl32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcr100.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcp100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcp100.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
4074.33d4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mpr.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mpr.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
4074.33d4: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\glu32.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\glu32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcr100.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcp100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcp100.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\virtualbox\Qt5GuiVBox.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\virtualbox\Qt5CoreVBox.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcr100.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcp100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcp100.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume4\virtualbox\uicommon.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\UICommon.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\UICommon.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000464 pwszName=\Device\HarddiskVolume3\Windows\System32\opengl32.dll
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F14F1B7D8729223C0DB5ABA6EC95E5C5A3D6D1EC
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\Qt5GuiVBox.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\Qt5CoreVBox.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.19041.572.cat'; file='\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.33d4: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.dll
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\UICommon.dll
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\Qt5CoreVBox.dll
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\Qt5GuiVBox.dll
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\Qt5OpenGLVBox.dll
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa9ff0000 LB 0x00022000 C:\Windows\System32\win32u.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa9700000 LB 0x0009d000 C:\Windows\System32\msvcp_win.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa9e30000 LB 0x00109000 C:\Windows\System32\gdi32full.dll [fFlags=0x0]
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32full.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32full.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaaa8d0000 LB 0x0002a000 C:\Windows\System32\GDI32.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaaa970000 LB 0x001a0000 C:\Windows\System32\USER32.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaab560000 LB 0x00355000 C:\Windows\System32\combase.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa0470000 LB 0x0002c000 C:\Windows\SYSTEM32\GLU32.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa981c0000 LB 0x00125000 C:\Windows\SYSTEM32\OPENGL32.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaaae20000 LB 0x00740000 C:\Windows\System32\SHELL32.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaabb40000 LB 0x0012a000 C:\Windows\System32\ole32.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa8c1b0000 LB 0x0001d000 C:\Windows\SYSTEM32\MPR.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   0000000074b00000 LB 0x00565000 F:\virtualbox\Qt5CoreVBox.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\Qt5CoreVBox.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa2c160000 LB 0x005f7000 F:\virtualbox\Qt5GuiVBox.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\Qt5GuiVBox.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   0000000074590000 LB 0x00561000 F:\virtualbox\Qt5WidgetsVBox.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaaa020000 LB 0x000cd000 C:\Windows\System32\OLEAUT32.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa2cd40000 LB 0x02317000 F:\virtualbox\UICommon.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\UICommon.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   0000000075840000 LB 0x00054000 F:\virtualbox\Qt5OpenGLVBox.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\Qt5OpenGLVBox.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa8ecb0000 LB 0x00027000 C:\Windows\SYSTEM32\WINMM.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa674f0000 LB 0x001c8000 F:\virtualbox\VirtualBoxVM.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VirtualBoxVM.dll
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\user32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\gdi32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaab80000 'C:\Windows\System32\kernel32.dll'
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-string-l1-1-0'
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-datetime-l1-1-1'
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-localization-obsolete-l1-2-0'
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'win32u.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\user32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaaadf0000 LB 0x00030000 C:\Windows\System32\IMM32.DLL [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaadf0000 'C:\Windows\system32\IMM32.DLL'
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\System32\edgegdi.dll': 0 (NtPath=\??\C:\Windows\System32\edgegdi.dll; Input=edgegdi.dll; rcNtGetDll=0xc0000135
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\System32\edgegdi.dll'
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaa740000 'C:\Windows\System32\ADVAPI32.DLL'
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
4074.33d4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa674f0000 'F:\virtualbox\VirtualBoxVM.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000468 pwszName=\Device\HarddiskVolume3\Windows\System32\glu32.dll
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=087A92E70231A784DB8F333F449EAE73CA72A5AC
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.19041.572.cat'; file='\Device\HarddiskVolume3\Windows\System32\glu32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\virtualbox\Qt5WidgetsVBox.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\user32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\combase.dll'
4074.33d4: SUPR3HardenedMain: Calling TrustedMain (00007ffa674f16c0)...
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'wldp.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\windows.storage.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\windows.storage.dll
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wldp.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wldp.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa8fd0000 LB 0x0002c000 C:\Windows\SYSTEM32\Wldp.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wldp.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa7280000 LB 0x00794000 C:\Windows\SYSTEM32\windows.storage.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\windows.storage.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaaba70000 LB 0x000ae000 C:\Windows\System32\SHCORE.dll [fFlags=0x0]
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'combase.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaaab10000 LB 0x00055000 C:\Windows\System32\shlwapi.dll [fFlags=0x0]
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldp.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldp.dll' -> '\Device\HarddiskVolume3\Windows\System32\wldp.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wldp.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wldp.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\platforms\qwindows.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\platforms\qwindows.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\Qt5CoreVBox.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\virtualbox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\Qt5GuiVBox.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\platforms\qwindows.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa541d0000 LB 0x0012e000 F:\virtualbox\platforms\qwindows.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\platforms\qwindows.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa541d0000 'F:\virtualbox\platforms\qwindows.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa83b0000 LB 0x00012000 C:\Windows\SYSTEM32\kernel.appcore.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005c8 pwszName=\Device\HarddiskVolume3\Windows\System32\uxtheme.dll
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C36BDDBF70FC15AF1BBA02DB55AE15854E94AD
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0419~31bf3856ad364e35~amd64~~10.0.19041.572.cat'; file='\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa6c50000 LB 0x0009f000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa6c50000 'C:\Windows\system32\uxtheme.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaa970000 'C:\Windows\system32\user32.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaae20000 'C:\Windows\system32\shell32.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaba70000 'C:\Windows\system32\SHCore.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\wintab32.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\system32\winmm.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\system32\winmm.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaae20000 'C:\Windows\system32\shell32.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa6c50000 'C:\Windows\system32\uxtheme.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaa740000 'C:\Windows\system32\advapi32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\userenv.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\userenv.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa95f0000 LB 0x0002e000 C:\Windows\system32\userenv.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa95f0000 'C:\Windows\system32\userenv.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaab80000 'C:\Windows\System32\kernel32.dll'
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaabec0000 LB 0x000a9000 C:\Windows\System32\clbcatq.dll [fFlags=0x0]
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
4074.40fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.40fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.40fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.40fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\clbcatq.dll'
4074.40fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.40fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
4074.40fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
4074.40fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
4074.40fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
4074.40fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
4074.40fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
4074.40fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\VBoxC.dll) WinVerifyTrust
4074.40fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VBoxC.dll
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxrt.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcp100.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcp100.dll
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
4074.40fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxC.dll
4074.40fc: supR3HardenedDllNotificationCallback: load   00007ffa45330000 LB 0x003c0000 F:\virtualbox\VBoxC.dll [fFlags=0x0]
4074.40fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxC.dll
4074.40fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa45330000 'F:\virtualbox\VBoxC.dll'
4074.40fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.40fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
4074.40fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
4074.40fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
4074.40fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
4074.40fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
4074.40fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
4074.40fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
4074.40fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\VBoxProxyStub.dll) WinVerifyTrust
4074.40fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VBoxProxyStub.dll
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxrt.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.40fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.40fc: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
4074.40fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxProxyStub.dll
4074.40fc: supR3HardenedDllNotificationCallback: load   00007ffa540e0000 LB 0x000ef000 F:\virtualbox\VBoxProxyStub.dll [fFlags=0x0]
4074.40fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxProxyStub.dll
4074.40fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa540e0000 'F:\virtualbox\VBoxProxyStub.dll'
4074.40fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
4074.40fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
4074.40fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaa020000 'C:\Windows\System32\oleaut32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaa8d0000 'C:\Windows\system32\gdi32.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaae20000 'C:\Windows\system32\shell32.dll'
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaabce0000 LB 0x00115000 C:\Windows\System32\MSCTF.dll [fFlags=0x0]
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'oleaut32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'imm32.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msctf.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000960 pwszName=\Device\HarddiskVolume3\Windows\System32\DataExchange.dll
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=783F5D82A4B979F1AE8853415E4264F3E2314DE6
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.19041.572.cat'; file='\Device\HarddiskVolume3\Windows\System32\DataExchange.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'd3d11.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'dcomp.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DataExchange.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume3\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp_win.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dcomp.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dcomp.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume3\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'dxgi.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'win32u.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\d3d11.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\d3d11.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dxgi.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dxgi.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dcomp.dll
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa7da0000 LB 0x000f3000 C:\Windows\system32\dxgi.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa5980000 LB 0x00264000 C:\Windows\system32\d3d11.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa5bf0000 LB 0x001e5000 C:\Windows\system32\dcomp.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dcomp.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa96880000 LB 0x0003e000 C:\Windows\system32\dataexchange.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaa8d0000 'C:\Windows\System32\gdi32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa96880000 'C:\Windows\system32\dataexchange.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'msvcp_win.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa2400000 LB 0x00208000 C:\Windows\system32\twinapi.appcore.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaba70000 'C:\Windows\system32\Shcore.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'oleaut32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'coreuicomponents.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'coremessaging.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'rpcrt4.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #48 'shcore.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'ws2_32.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntmarta.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntmarta.dll
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcryptprimitives.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinTypes.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinTypes.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa8400000 LB 0x00033000 C:\Windows\SYSTEM32\ntmarta.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntmarta.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa6140000 LB 0x000f2000 C:\Windows\System32\CoreMessaging.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa4dd0000 LB 0x00156000 C:\Windows\SYSTEM32\wintypes.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa5de0000 LB 0x0035e000 C:\Windows\System32\CoreUIComponents.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa99270000 LB 0x000fc000 C:\Windows\SYSTEM32\textinputframework.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume3\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume3\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ntmarta.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll'
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaa970000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaa970000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaab560000 'api-ms-win-core-com-l1-1-0.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaabce0000 'C:\Windows\System32\MSCTF.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'win32u.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'gdi32.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dwmapi.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwmapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa6e30000 LB 0x0002f000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa6e30000 'C:\Windows\system32\dwmapi.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa6c50000 'C:\Windows\system32\uxtheme.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\TextShaping.dll)
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\TextShaping.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa93ec0000 LB 0x000ac000 C:\Windows\SYSTEM32\TextShaping.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\TextShaping.dll [avoiding WinVerifyTrust]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\TextShaping.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dwmapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa6e30000 'C:\Windows\System32\dwmapi.dll'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaabb40000 'C:\Windows\System32\ole32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaa020000 'C:\Windows\System32\OLEAUT32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000aac pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=707DD50B09AF532CC60D811EEEFB525036D0EC3B
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.19041.572.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ab4 pwszName=\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C300CB1A203662154729906A10B05CEE85D4742B
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.19041.572.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa93cd0000 LB 0x00086000 C:\Windows\SYSTEM32\wbemcomn.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa89df0000 LB 0x00011000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa89df0000 'C:\Windows\system32\wbem\wbemprox.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a9c pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3CFF11F3C684911C4E61C8117C8CEB7CBDC749CB
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.19041.572.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa89e40000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa89e40000 'C:\Windows\system32\wbem\wbemsvc.dll'
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-localization-l1-2-0.dll'
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000aa8 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=184DC69A17259EC62BC6A74793DCE28D7CC5A1AC
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.19041.572.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'wbemcomn.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa88ee0000 LB 0x0010b000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa88ee0000 'C:\Windows\system32\wbem\fastprox.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ad0 pwszName=\Device\HarddiskVolume3\Windows\System32\amsi.dll
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=97764CBC54D020522D3ED8BD2BBA1282B13A6320
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.19041.572.cat'; file='\Device\HarddiskVolume3\Windows\System32\amsi.dll'
4074.33d4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\amsi.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\amsi.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\amsi.dll (Input=amsi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\amsi.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa87970000 LB 0x00017000 C:\Windows\System32\amsi.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\amsi.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa87970000 'C:\Windows\System32\amsi.dll'
4074.33d4: \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll: Owner is administrators group.
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'psapi.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'wintrust.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'crypt32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'version.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'shell32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'shlwapi.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume3\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\version.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\version.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wintrust.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wintrust.dll' -> '\Device\HarddiskVolume3\Windows\System32\wintrust.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\psapi.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.33d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\psapi.dll) WinVerifyTrust
4074.33d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\psapi.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\McAfee\MfeAV\AMSIExt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll
4074.33d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaaa730000 LB 0x00008000 C:\Windows\System32\PSAPI.DLL [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\psapi.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffaa1fb0000 LB 0x0000a000 C:\Windows\SYSTEM32\VERSION.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
4074.33d4: supR3HardenedDllNotificationCallback: load   00007ffa878d0000 LB 0x0009b000 C:\Program Files\McAfee\MfeAV\AMSIExt.dll [fFlags=0x0]
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-synch-l1-2-0'
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-fibers-l1-1-1'
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-synch-l1-2-0'
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-fibers-l1-1-1'
4074.33d4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa9a80000 'api-ms-win-core-localization-l1-2-1'
4074.33d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
4074.33d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaab80000 'C:\Windows\System32\kernel32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa878d0000 'C:\Program Files\McAfee\MfeAV\AMSIExt.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaa740000 'C:\Windows\System32\ADVAPI32.dll'
4074.450: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.450: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
4074.450: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
4074.450: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\VBoxVMM.dll) WinVerifyTrust
4074.450: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VBoxVMM.dll
4074.450: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
4074.450: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxrt.dll' [rcNtRedir=0xc0150008]
4074.450: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.450: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.450: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.450: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxVMM.dll
4074.450: supR3HardenedDllNotificationCallback: load   00007ffa286b0000 LB 0x0037e000 F:\virtualbox\VBoxVMM.DLL [fFlags=0x0]
4074.450: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxVMM.dll
4074.450: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa286b0000 'F:\virtualbox\VBoxVMM.DLL'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c8c pwszName=\Device\HarddiskVolume3\Windows\System32\NetSetupShim.dll
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C55CF6F88F96953426D647BA94686B330A7EFFC1
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04111~31bf3856ad364e35~amd64~~10.0.19041.329.cat'; file='\Device\HarddiskVolume3\Windows\System32\NetSetupShim.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'oleaut32.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'ws2_32.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'netsetupapi.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'setupapi.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'devrtl.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\NetSetupShim.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\NetSetupShim.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devrtl.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'devrtl.dll' -> '\Device\HarddiskVolume3\Windows\System32\devrtl.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c78 pwszName=\Device\HarddiskVolume3\Windows\System32\devrtl.dll
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=33BBF6397EB75AA0F0A1F00943D02D98D1F9C5BA
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.19041.572.cat'; file='\Device\HarddiskVolume3\Windows\System32\devrtl.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devrtl.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devrtl.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'cfgmgr32.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'bcrypt.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\setupapi.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\setupapi.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netsetupapi.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'netsetupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\netsetupapi.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
4074.333c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll)
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\NetSetupApi.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\NetSetupApi.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\NetSetupShim.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\NetSetupShim.dll
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\NetSetupApi.dll
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devrtl.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffaa9de0000 LB 0x0004e000 C:\Windows\System32\cfgmgr32.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffa98440000 LB 0x00026000 C:\Windows\System32\NetSetupApi.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\NetSetupApi.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffaaa2c0000 LB 0x00467000 C:\Windows\System32\setupapi.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffa93cb0000 LB 0x00014000 C:\Windows\System32\DEVRTL.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devrtl.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffa93e10000 LB 0x00078000 C:\Windows\System32\NetSetupShim.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\NetSetupShim.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa93e10000 'C:\Windows\System32\NetSetupShim.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'nsi.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'winnsi.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\NetSetupEngine.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\NetSetupEngine.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winnsi.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winnsi.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
4074.333c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\nsi.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll)
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nsi.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\NetSetupEngine.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\NetSetupEngine.dll
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winnsi.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffaaa960000 LB 0x00009000 C:\Windows\System32\NSI.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll [avoiding WinVerifyTrust]
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffaa1f80000 LB 0x0000b000 C:\Windows\SYSTEM32\WINNSI.DLL [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winnsi.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffa798c0000 LB 0x000ca000 C:\Windows\System32\NetSetupEngine.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\NetSetupEngine.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa798c0000 'C:\Windows\System32\NetSetupEngine.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\nsi.dll'
4074.2a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.2a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
4074.2a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
4074.2a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
4074.2a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
4074.2a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
4074.2a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\VBoxSharedClipboard.dll) WinVerifyTrust
4074.2a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VBoxSharedClipboard.dll
4074.2a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.2a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.2a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
4074.2a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxrt.dll' [rcNtRedir=0xc0150008]
4074.2a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
4074.2a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxvmm.dll' [rcNtRedir=0xc0150008]
4074.2a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxVMM.dll
4074.2a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
4074.2a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcp100.dll' [rcNtRedir=0xc0150008]
4074.2a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.2a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.2a08: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.2a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxSharedClipboard.dll
4074.2a08: supR3HardenedDllNotificationCallback: load   00007ffaa4c60000 LB 0x00010000 F:\virtualbox\VBoxSharedClipboard.DLL [fFlags=0x0]
4074.2a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxSharedClipboard.dll
4074.2a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4c60000 'F:\virtualbox\VBoxSharedClipboard.DLL'
4074.2e54: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.2e54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
4074.2e54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
4074.2e54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
4074.2e54: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\VBoxDragAndDropSvc.dll) WinVerifyTrust
4074.2e54: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VBoxDragAndDropSvc.dll
4074.2e54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
4074.2e54: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxrt.dll' [rcNtRedir=0xc0150008]
4074.2e54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
4074.2e54: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcp100.dll' [rcNtRedir=0xc0150008]
4074.2e54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.2e54: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.2e54: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.2e54: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxDragAndDropSvc.dll
4074.2e54: supR3HardenedDllNotificationCallback: load   00007ffaa3610000 LB 0x0000d000 F:\virtualbox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
4074.2e54: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxDragAndDropSvc.dll
4074.2e54: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa3610000 'F:\virtualbox\VBoxDragAndDropSvc.DLL'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaae20000 'C:\Windows\system32\Shell32.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d34 pwszName=\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E4C882F4212D993AB8CD1218452ADE578B4E8723
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.329.cat'; file='\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'vid.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vid.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vid.dll' -> '\Device\HarddiskVolume3\Windows\System32\vid.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\vid.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\vid.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WinHvPlatform.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vid.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffa993a0000 LB 0x0001b000 C:\Windows\SYSTEM32\vid.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vid.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffa993c0000 LB 0x00026000 C:\Windows\system32\WinHvPlatform.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa993c0000 'C:\Windows\system32\WinHvPlatform.dll'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vid.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\vid.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa993a0000 'C:\Windows\system32\vid.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\NTDLL.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaabfb0000 'C:\Windows\system32\NTDLL.DLL'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\VBoxDD.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VBoxDD.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxdd2.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\VBoxDD2.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VBoxDD2.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxddu.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\msvcr100.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\VBoxDDU.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VBoxDDU.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxvmm.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxVMM.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxDD.dll
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxDDU.dll
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxDD2.dll
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffa8c110000 LB 0x00067000 F:\virtualbox\VBoxDDU.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxDDU.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffa27460000 LB 0x0085c000 F:\virtualbox\VBoxDD2.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxDD2.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffaa8ad0000 LB 0x0003b000 C:\Windows\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffa27cc0000 LB 0x009e6000 F:\virtualbox\VBoxDD.DLL [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxDD.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27cc0000 'F:\virtualbox\VBoxDD.DLL'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxC.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa45330000 'F:\virtualbox\VBoxC.DLL'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxDD2.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27460000 'F:\virtualbox\VBoxDD2.DLL'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.21a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.21a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
4074.21a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
4074.21a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
4074.21a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\VBoxSharedFolders.dll) WinVerifyTrust
4074.21a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VBoxSharedFolders.dll
4074.21a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
4074.21a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxrt.dll' [rcNtRedir=0xc0150008]
4074.21a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
4074.21a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxvmm.dll' [rcNtRedir=0xc0150008]
4074.21a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxVMM.dll
4074.21a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.21a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.21a8: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.21a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxSharedFolders.dll
4074.21a8: supR3HardenedDllNotificationCallback: load   00007ffa967d0000 LB 0x00014000 F:\virtualbox\VBoxSharedFolders.DLL [fFlags=0x0]
4074.21a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxSharedFolders.dll
4074.21a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa967d0000 'F:\virtualbox\VBoxSharedFolders.DLL'
4074.31ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.31ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
4074.31ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
4074.31ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
4074.31ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
4074.31ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\VBoxGuestControlSvc.dll) WinVerifyTrust
4074.31ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VBoxGuestControlSvc.dll
4074.31ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
4074.31ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxrt.dll' [rcNtRedir=0xc0150008]
4074.31ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
4074.31ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxvmm.dll' [rcNtRedir=0xc0150008]
4074.31ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxVMM.dll
4074.31ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
4074.31ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcp100.dll' [rcNtRedir=0xc0150008]
4074.31ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.31ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.31ac: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.31ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxGuestControlSvc.dll
4074.31ac: supR3HardenedDllNotificationCallback: load   00007ffa967c0000 LB 0x0000c000 F:\virtualbox\VBoxGuestControlSvc.DLL [fFlags=0x0]
4074.31ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxGuestControlSvc.dll
4074.31ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa967c0000 'F:\virtualbox\VBoxGuestControlSvc.DLL'
4074.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
4074.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
4074.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
4074.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\virtualbox\VBoxGuestPropSvc.dll) WinVerifyTrust
4074.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\virtualbox\VBoxGuestPropSvc.dll
4074.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
4074.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\virtualbox\vboxrt.dll' [rcNtRedir=0xc0150008]
4074.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
4074.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcp100.dll' [rcNtRedir=0xc0150008]
4074.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
4074.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\virtualbox\msvcr100.dll' [rcNtRedir=0xc0150008]
4074.2134: supR3HardenedMonitor_LdrLoadDll: pName=F:\virtualbox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxGuestPropSvc.dll
4074.2134: supR3HardenedDllNotificationCallback: load   00007ffa94140000 LB 0x0000d000 F:\virtualbox\VBoxGuestPropSvc.DLL [fFlags=0x0]
4074.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\virtualbox\VBoxGuestPropSvc.dll
4074.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa94140000 'F:\virtualbox\VBoxGuestPropSvc.DLL'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'devobj.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'cfgmgr32.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffaa93e0000 LB 0x0002c000 C:\Windows\System32\DEVOBJ.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffaa1820000 LB 0x00085000 C:\Windows\System32\MMDevApi.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa1820000 'C:\Windows\System32\MMDevApi.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000109c pwszName=\Device\HarddiskVolume3\Windows\System32\dsound.dll
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=52FFFB4153FE3DAE37A0C896FAC0D39F6841832F
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.19041.508.cat'; file='\Device\HarddiskVolume3\Windows\System32\dsound.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dsound.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dsound.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\powrprof.dll)
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\powrprof.dll
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmmbase.dll)
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmmbase.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffaa9560000 LB 0x0004b000 C:\Windows\SYSTEM32\powrprof.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\powrprof.dll [avoiding WinVerifyTrust]
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffa95a90000 LB 0x00026000 C:\Windows\SYSTEM32\winmmbase.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffa68b80000 LB 0x0009c000 C:\Windows\System32\dsound.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\umpdc.dll)
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\umpdc.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffaa9540000 LB 0x00012000 C:\Windows\SYSTEM32\UMPDC.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\umpdc.dll [avoiding WinVerifyTrust]
4074.333c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
4074.333c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
4074.333c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
4074.333c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
4074.333c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
4074.333c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa68b80000 'C:\Windows\System32\dsound.dll'
4074.333c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
4074.333c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
4074.333c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
4074.333c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
4074.333c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
4074.333c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa68b80000 'C:\Windows\System32\dsound.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa68b80000 'C:\Windows\system32\dsound.dll'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa1820000 'C:\Windows\System32\MMDEVAPI.DLL'
4074.33ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.33ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.33ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
4074.33ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
4074.33ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
4074.33ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'mmdevapi.dll'.
4074.33ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\AudioSes.dll) WinVerifyTrust
4074.33ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
4074.33ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
4074.33ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
4074.33ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
4074.33ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
4074.33ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
4074.33ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.33ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.33ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
4074.33ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
4074.33ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.33ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
4074.33ac: supR3HardenedDllNotificationCallback: load   00007ffaa19b0000 LB 0x00181000 C:\Windows\System32\AUDIOSES.DLL [fFlags=0x0]
4074.33ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
4074.33ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa19b0000 'C:\Windows\System32\AUDIOSES.DLL'
4074.33ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.33ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
4074.33ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll)
4074.33ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll
4074.33ac: supR3HardenedDllNotificationCallback: load   00007ffaa69d0000 LB 0x00014000 C:\Windows\SYSTEM32\resourcepolicyclient.dll [fFlags=0x0]
4074.33ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll [avoiding WinVerifyTrust]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001118 pwszName=\Device\HarddiskVolume3\Windows\System32\wdmaud.drv
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7F7F29B63FBFB61F7E4F361F4C3593442D614D77
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.19041.508.cat'; file='\Device\HarddiskVolume3\Windows\System32\wdmaud.drv'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ksuser.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'avrt.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wdmaud.drv) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\avrt.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\avrt.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume3\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ksuser.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ksuser.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffaa23b0000 LB 0x00009000 C:\Windows\SYSTEM32\ksuser.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffaa3bb0000 LB 0x0000a000 C:\Windows\SYSTEM32\AVRT.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffa7c7f0000 LB 0x00046000 C:\Windows\System32\wdmaud.drv [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa7c7f0000 'C:\Windows\System32\wdmaud.drv'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa7c7f0000 'C:\Windows\System32\wdmaud.drv'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa7c7f0000 'C:\Windows\System32\wdmaud.drv'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa7c7f0000 'C:\Windows\System32\wdmaud.drv'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa7c7f0000 'C:\Windows\System32\wdmaud.drv'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa7c7f0000 'C:\Windows\System32\wdmaud.drv'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa7c7f0000 'C:\Windows\System32\wdmaud.drv'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa7c7f0000 'C:\Windows\System32\wdmaud.drv'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001078 pwszName=\Device\HarddiskVolume3\Windows\System32\msacm32.drv
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F871EA11D693E9807F8DF13D54497BA0E40D30AB
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.19041.508.cat'; file='\Device\HarddiskVolume3\Windows\System32\msacm32.drv'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'mmdevapi.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msacm32.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msacm32.drv) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.drv
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msacm32.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffa96690000 LB 0x0001e000 C:\Windows\SYSTEM32\MSACM32.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffaa4f40000 LB 0x0000d000 C:\Windows\System32\msacm32.drv [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4f40000 'C:\Windows\System32\msacm32.drv'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4f40000 'C:\Windows\System32\msacm32.drv'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4f40000 'C:\Windows\System32\msacm32.drv'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4f40000 'C:\Windows\System32\msacm32.drv'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4f40000 'C:\Windows\System32\msacm32.drv'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4f40000 'C:\Windows\System32\msacm32.drv'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4f40000 'C:\Windows\System32\msacm32.drv'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4f40000 'C:\Windows\System32\msacm32.drv'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4f40000 'C:\Windows\System32\msacm32.drv'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4f40000 'C:\Windows\System32\msacm32.drv'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000107c pwszName=\Device\HarddiskVolume3\Windows\System32\midimap.dll
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cce4d0
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cce4d0
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3B1E0F68F4DF584853FE4112795D7092EFE15F7D
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8770000 'C:\Windows\system32\rsaenh.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa97a0000 'C:\Windows\System32\crypt32.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.19041.508.cat'; file='\Device\HarddiskVolume3\Windows\System32\midimap.dll'
4074.333c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4074.333c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
4074.333c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\midimap.dll) WinVerifyTrust
4074.333c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\midimap.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4074.333c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
4074.333c: supR3HardenedDllNotificationCallback: load   00007ffaa4f30000 LB 0x0000b000 C:\Windows\System32\midimap.dll [fFlags=0x0]
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4f30000 'C:\Windows\System32\midimap.dll'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4f30000 'C:\Windows\System32\midimap.dll'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4f30000 'C:\Windows\System32\midimap.dll'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4f30000 'C:\Windows\System32\midimap.dll'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
4074.333c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa68b80000 'C:\Windows\system32\dsound.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.333c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa8ecb0000 'C:\Windows\System32\winmm.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaae20000 'C:\Windows\system32\shell32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaae20000 'C:\Windows\system32\shell32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaae20000 'C:\Windows\system32\shell32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaae20000 'C:\Windows\system32\shell32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaae20000 'C:\Windows\system32\shell32.dll'
4074.33d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaae20000 'C:\Windows\system32\shell32.dll'