VirtualBox'a Kali Linux kurarken 0x80004005 hatası
- Konuyu başlatan XsenoN1
- Başlangıç Tarihi
- Mesaj 6
- Görüntüleme 904
-
- Etiketler
- kali 2021 kali linux hata virtual box
The User 0
Hectopat
- Katılım
- 14 Eylül 2020
- Mesajlar
- 2.117
- Çözümler
- 42
Daha fazla
- Sistem Özellikleri
- HP Laptop 15-da1083nt
Intel Core i5-8265U @ 1.60GHz
Intel UHD Graphics 620
NVidia GeForce MX130
WD NVMe 480GB
A-Data 8GB CL17 2400MHz
HP 22es 1080p 60Hz
HyperX PulseFire Raid
- Cinsiyet
- Erkek
- Meslek
- Öğrenci
Bahsettiği dosyayı atar mısın?
KS
KS
XsenoN1
Femtopat
- Katılım
- 10 Haziran 2021
- Mesajlar
- 37
Daha fazla
- Cinsiyet
- Erkek
tabiki
normalde .log dosyası ama siteye yüklenmediği için .txt yaptım.
Son düzenleme:
The User 0
Hectopat
- Katılım
- 14 Eylül 2020
- Mesajlar
- 2.117
- Çözümler
- 42
Daha fazla
- Sistem Özellikleri
- HP Laptop 15-da1083nt
Intel Core i5-8265U @ 1.60GHz
Intel UHD Graphics 620
NVidia GeForce MX130
WD NVMe 480GB
A-Data 8GB CL17 2400MHz
HP 22es 1080p 60Hz
HyperX PulseFire Raid
- Cinsiyet
- Erkek
- Meslek
- Öğrenci
Dosya gelmedi henüz.
KS
KS
XsenoN1
Femtopat
- Katılım
- 10 Haziran 2021
- Mesajlar
- 37
Daha fazla
- Cinsiyet
- Erkek
dosya yüklenmiyor
The User 0
Hectopat
- Katılım
- 14 Eylül 2020
- Mesajlar
- 2.117
- Çözümler
- 42
Daha fazla
- Sistem Özellikleri
- HP Laptop 15-da1083nt
Intel Core i5-8265U @ 1.60GHz
Intel UHD Graphics 620
NVidia GeForce MX130
WD NVMe 480GB
A-Data 8GB CL17 2400MHz
HP 22es 1080p 60Hz
HyperX PulseFire Raid
- Cinsiyet
- Erkek
- Meslek
- Öğrenci
İçindekileri sürpriz bozan ile buraya kopyala yapıştır yapın.dosya yüklenmiyor
KS
KS
XsenoN1
Femtopat
- Katılım
- 10 Haziran 2021
- Mesajlar
- 37
Daha fazla
- Cinsiyet
- Erkek
o
olmuyor
ff8.1250: Log file opened: 6.1.22r144080 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
ff8.1250: \SystemRoot\System32\ntdll.dll:
ff8.1250: CreationTime: 2021-06-01T09:33:57.725948900Z
ff8.1250: LastWriteTime: 2020-01-03T03:35:05.302579400Z
ff8.1250: ChangeTime: 2021-06-01T09:37:19.505903000Z
ff8.1250: FileAttributes: 0x20
ff8.1250: Size: 0x198080
ff8.1250: NT Headers: 0xe0
ff8.1250: Timestamp: 0x5e0eb67f
ff8.1250: Machine: 0x8664 - amd64
ff8.1250: Timestamp: 0x5e0eb67f
ff8.1250: Image Version: 6.1
ff8.1250: SizeOfImage: 0x19f000 (1699840)
ff8.1250: Resource Dir: 0x142000 LB 0x5a038
ff8.1250: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
ff8.1250: [Raw version resource data: 0x1420f0 LB 0x38c, codepage 0x0 (reserved 0x0)]
ff8.1250: ProductName: Microsoft® Windows® Operating System
ff8.1250: ProductVersion: 6.1.7601.24545
ff8.1250: FileVersion: 6.1.7601.24545 (win7sp1_ldr_escrow.200102-1707)
ff8.1250: FileDescription: NT Layer DLL
ff8.1250: \SystemRoot\System32\kernel32.dll:
ff8.1250: CreationTime: 2021-06-01T09:34:11.110772400Z
ff8.1250: LastWriteTime: 2020-01-03T03:33:39.604000000Z
ff8.1250: ChangeTime: 2021-06-01T09:37:20.020703900Z
ff8.1250: FileAttributes: 0x20
ff8.1250: Size: 0x11be00
ff8.1250: NT Headers: 0xe0
ff8.1250: Timestamp: 0x5e0eb6bc
ff8.1250: Machine: 0x8664 - amd64
ff8.1250: Timestamp: 0x5e0eb6bc
ff8.1250: Image Version: 6.1
ff8.1250: SizeOfImage: 0x11f000 (1175552)
ff8.1250: Resource Dir: 0x116000 LB 0x530
ff8.1250: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
ff8.1250: [Raw version resource data: 0x1160b0 LB 0x3b0, codepage 0x0 (reserved 0x0)]
ff8.1250: ProductName: Microsoft® Windows® Operating System
ff8.1250: ProductVersion: 6.1.7601.24545
ff8.1250: FileVersion: 6.1.7601.24545 (win7sp1_ldr_escrow.200102-1707)
ff8.1250: FileDescription: Windows NT BASE API Client DLL
ff8.1250: \SystemRoot\System32\KernelBase.dll:
ff8.1250: CreationTime: 2021-06-01T09:34:14.854778900Z
ff8.1250: LastWriteTime: 2020-01-03T03:33:39.604000000Z
ff8.1250: ChangeTime: 2021-06-01T09:37:20.161104200Z
ff8.1250: FileAttributes: 0x20
ff8.1250: Size: 0x63c00
ff8.1250: NT Headers: 0xe8
ff8.1250: Timestamp: 0x5e0eb6bd
ff8.1250: Machine: 0x8664 - amd64
ff8.1250: Timestamp: 0x5e0eb6bd
ff8.1250: Image Version: 6.1
ff8.1250: SizeOfImage: 0x67000 (421888)
ff8.1250: Resource Dir: 0x65000 LB 0x538
ff8.1250: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
ff8.1250: [Raw version resource data: 0x650b0 LB 0x3b8, codepage 0x0 (reserved 0x0)]
ff8.1250: ProductName: Microsoft® Windows® Operating System
ff8.1250: ProductVersion: 6.1.7601.24545
ff8.1250: FileVersion: 6.1.7601.24545 (win7sp1_ldr_escrow.200102-1707)
ff8.1250: FileDescription: Windows NT BASE API Client DLL
ff8.1250: \SystemRoot\System32\apisetschema.dll:
ff8.1250: CreationTime: 2021-06-01T09:34:12.467974800Z
ff8.1250: LastWriteTime: 2020-01-03T03:33:11.406000000Z
ff8.1250: ChangeTime: 2021-06-01T09:37:19.521503100Z
ff8.1250: FileAttributes: 0x20
ff8.1250: Size: 0x1c00
ff8.1250: NT Headers: 0xc0
ff8.1250: Timestamp: 0x5e0eb63f
ff8.1250: Machine: 0x8664 - amd64
ff8.1250: Timestamp: 0x5e0eb63f
ff8.1250: Image Version: 6.1
ff8.1250: SizeOfImage: 0x50000 (327680)
ff8.1250: Resource Dir: 0x30000 LB 0x408
ff8.1250: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
ff8.1250: [Raw version resource data: 0x30060 LB 0x3a4, codepage 0x0 (reserved 0x0)]
ff8.1250: ProductName: Microsoft® Windows® Operating System
ff8.1250: ProductVersion: 6.1.7601.24545
ff8.1250: FileVersion: 6.1.7601.24545 (win7sp1_ldr_escrow.200102-1707)
ff8.1250: FileDescription: ApiSet Schema DLL
ff8.1250: NtOpenDirectoryObject failed on \Driver: 0xc0000022
ff8.1250: supR3HardenedWinFindAdversaries: 0x480
ff8.1250: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
ff8.1250: CreationTime: 2021-06-03T10:10:51.070159700Z
ff8.1250: LastWriteTime: 2021-06-03T10:10:51.070159700Z
ff8.1250: ChangeTime: 2021-06-03T10:10:51.096161200Z
ff8.1250: FileAttributes: 0x20
ff8.1250: Size: 0x3cca0
ff8.1250: NT Headers: 0xf0
ff8.1250: Timestamp: 0x5fd26d8f
ff8.1250: Machine: 0x8664 - amd64
ff8.1250: Timestamp: 0x5fd26d8f
ff8.1250: Image Version: 10.0
ff8.1250: SizeOfImage: 0x3f000 (258048)
ff8.1250: Resource Dir: 0x3d000 LB 0x3b8
ff8.1250: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
ff8.1250: [Raw version resource data: 0x3d060 LB 0x358, codepage 0x0 (reserved 0x0)]
ff8.1250: ProductName: Malwarebytes SwissArmy
ff8.1250: ProductVersion: 4.3.0.179
ff8.1250: FileVersion: 4.3.0.179
ff8.1250: FileDescription: Malwarebytes SwissArmy
ff8.1250: \SystemRoot\System32\drivers\mwac.sys:
ff8.1250: CreationTime: 2021-06-10T14:48:28.356425700Z
ff8.1250: LastWriteTime: 2021-06-10T14:48:28.356425700Z
ff8.1250: ChangeTime: 2021-06-10T14:48:28.356425700Z
ff8.1250: FileAttributes: 0x20
ff8.1250: Size: 0x23ab8
ff8.1250: NT Headers: 0xe8
ff8.1250: Timestamp: 0x60649145
ff8.1250: Machine: 0x8664 - amd64
ff8.1250: Timestamp: 0x60649145
ff8.1250: Image Version: 10.0
ff8.1250: SizeOfImage: 0x28000 (163840)
ff8.1250: Resource Dir: 0x26000 LB 0x380
ff8.1250: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
ff8.1250: [Raw version resource data: 0x26060 LB 0x320, codepage 0x0 (reserved 0x0)]
ff8.1250: ProductName: Malwarebytes Web Protection
ff8.1250: ProductVersion: 1.0.0.107
ff8.1250: FileVersion: 1.0.0.107
ff8.1250: FileDescription: Malwarebytes Web Protection
ff8.1250: \SystemRoot\System32\drivers\mbamchameleon.sys:
ff8.1250: CreationTime: 2021-06-10T14:48:27.116423900Z
ff8.1250: LastWriteTime: 2021-06-10T14:48:27.116423900Z
ff8.1250: ChangeTime: 2021-06-10T14:48:27.136423900Z
ff8.1250: FileAttributes: 0x20
ff8.1250: Size: 0x35e50
ff8.1250: NT Headers: 0xf8
ff8.1250: Timestamp: 0x6058acb0
ff8.1250: Machine: 0x8664 - amd64
ff8.1250: Timestamp: 0x6058acb0
ff8.1250: Image Version: 10.0
ff8.1250: SizeOfImage: 0x38000 (229376)
ff8.1250: Resource Dir: 0x36000 LB 0x3b8
ff8.1250: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
ff8.1250: [Raw version resource data: 0x36060 LB 0x358, codepage 0x0 (reserved 0x0)]
ff8.1250: ProductName: Malwarebytes Chameleon
ff8.1250: ProductVersion: 3.1.0.328
ff8.1250: FileVersion: 3.1.0.328
ff8.1250: FileDescription: Malwarebytes Chameleon
ff8.1250: \SystemRoot\System32\drivers\mbam.sys:
ff8.1250: CreationTime: 2021-06-10T14:48:34.411255500Z
ff8.1250: LastWriteTime: 2021-06-10T14:48:34.395655500Z
ff8.1250: ChangeTime: 2021-06-10T14:48:34.395655500Z
ff8.1250: FileAttributes: 0x20
ff8.1250: Size: 0x12eb8
ff8.1250: NT Headers: 0xd8
ff8.1250: Timestamp: 0x5fd245b7
ff8.1250: Machine: 0x8664 - amd64
ff8.1250: Timestamp: 0x5fd245b7
ff8.1250: Image Version: 10.0
ff8.1250: SizeOfImage: 0x14000 (81920)
ff8.1250: Resource Dir: 0x12000 LB 0x3c0
ff8.1250: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
ff8.1250: [Raw version resource data: 0x12060 LB 0x360, codepage 0x0 (reserved 0x0)]
ff8.1250: ProductName: Malwarebytes Real-Time Protection
ff8.1250: ProductVersion: 3.1.0.201
ff8.1250: FileVersion: 3.1.0.201
ff8.1250: FileDescription: Malwarebytes Real-Time Protection
ff8.1250: \SystemRoot\System32\drivers\MpFilter.sys:
ff8.1250: CreationTime: 2015-11-13T05:50:26.000000000Z
ff8.1250: LastWriteTime: 2015-11-13T05:50:26.000000000Z
ff8.1250: ChangeTime: 2021-06-03T09:52:18.349211800Z
ff8.1250: FileAttributes: 0x20
ff8.1250: Size: 0x46960
ff8.1250: NT Headers: 0xe8
ff8.1250: Timestamp: 0x56330e4f
ff8.1250: Machine: 0x8664 - amd64
ff8.1250: Timestamp: 0x56330e4f
ff8.1250: Image Version: 6.3
ff8.1250: SizeOfImage: 0x44000 (278528)
ff8.1250: Resource Dir: 0x42000 LB 0xd90
ff8.1250: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
ff8.1250: [Raw version resource data: 0x42110 LB 0x37c, codepage 0x0 (reserved 0x0)]
ff8.1250: ProductName: Microsoft Malware Protection
ff8.1250: ProductVersion: 4.9.0210.0
ff8.1250: FileVersion: 4.9.0210.0
ff8.1250: FileDescription: Microsoft antimalware file system filter driver
ff8.1250: \SystemRoot\System32\drivers\NisDrvWFP.sys:
ff8.1250: CreationTime: 2013-09-27T06:53:06.000000000Z
ff8.1250: LastWriteTime: 2015-11-13T05:50:26.000000000Z
ff8.1250: ChangeTime: 2021-06-03T09:52:18.305209300Z
ff8.1250: FileAttributes: 0x20
ff8.1250: Size: 0x20ab8
ff8.1250: NT Headers: 0xe0
ff8.1250: Timestamp: 0x56330e8a
ff8.1250: Machine: 0x8664 - amd64
ff8.1250: Timestamp: 0x56330e8a
ff8.1250: Image Version: 6.3
ff8.1250: SizeOfImage: 0x1f000 (126976)
ff8.1250: Resource Dir: 0x1c000 LB 0x1b90
ff8.1250: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
ff8.1250: [Raw version resource data: 0x1d728 LB 0x380, codepage 0x0 (reserved 0x0)]
ff8.1250: ProductName: Microsoft Malware Protection
ff8.1250: ProductVersion: 4.9.0210.0
ff8.1250: FileVersion: 4.9.0210.0
ff8.1250: FileDescription: Microsoft Network Realtime Inspection Driver
ff8.1250: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
ff8.1250: Calling main()
ff8.1250: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
ff8.1250: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
ff8.1250: SUPR3HardenedMain: Respawn #1
ff8.1250: System32: \Device\HarddiskVolume2\Windows\System32
ff8.1250: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
ff8.1250: KnownDllPath: C:\Windows\system32
ff8.1250: supR3HardenedWinInit: Performing a limited self purification...
ff8.1250: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
ff8.1250: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000
ff8.1250: *0000000000010000-000000000001ffff 0x0004/0x0004 0x0040000
ff8.1250: 0000000000020000-000000000002ffff 0x0001/0x0000 0x0000000
ff8.1250: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000
ff8.1250: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000
ff8.1250: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000
ff8.1250: 0000000000041000-000000000004ffff 0x0001/0x0000 0x0000000
ff8.1250: *0000000000050000-00000000000b6fff 0x0002/0x0002 0x0040000
ff8.1250: 00000000000b7000-000000000016ffff 0x0001/0x0000 0x0000000
ff8.1250: *0000000000170000-0000000000221fff 0x0000/0x0004 0x0020000
ff8.1250: 0000000000222000-0000000000223fff 0x0104/0x0004 0x0020000
ff8.1250: 0000000000224000-000000000026ffff 0x0004/0x0004 0x0020000
ff8.1250: 0000000000270000-00000000003fffff 0x0001/0x0000 0x0000000
ff8.1250: *0000000000400000-0000000000404fff 0x0004/0x0004 0x0020000
ff8.1250: 0000000000405000-00000000004fffff 0x0000/0x0004 0x0020000
ff8.1250: 0000000000500000-000000000062ffff 0x0001/0x0000 0x0000000
ff8.1250: *0000000000630000-0000000000699fff 0x0004/0x0004 0x0020000
ff8.1250: 000000000069a000-00000000006affff 0x0000/0x0004 0x0020000
ff8.1250: *00000000006b0000-000000000084ffff 0x0004/0x0004 0x0020000
ff8.1250: 0000000000850000-0000000076f7ffff 0x0001/0x0000 0x0000000
ff8.1250: *0000000076f80000-0000000076f80fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
ff8.1250: 0000000076f81000-000000007701bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
ff8.1250: 000000007701c000-0000000077089fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
ff8.1250: 000000007708a000-000000007708bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
ff8.1250: 000000007708c000-000000007709efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
ff8.1250: 000000007709f000-000000007709ffff 0x0001/0x0000 0x0000000
ff8.1250: *00000000770a0000-00000000770a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 00000000770a1000-00000000771c4fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 00000000771c5000-00000000771c6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 00000000771c7000-00000000771c8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 00000000771c9000-00000000771cafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 00000000771cb000-00000000771cdfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 00000000771ce000-00000000771d0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 00000000771d1000-00000000771d3fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 00000000771d4000-000000007723efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 000000007723f000-000000007efdffff 0x0001/0x0000 0x0000000
ff8.1250: *000000007efe0000-000000007efe4fff 0x0002/0x0002 0x0040000
ff8.1250: 000000007efe5000-000000007f0dffff 0x0000/0x0002 0x0040000
ff8.1250: *000000007f0e0000-000000007ffdffff 0x0000/0x0002 0x0020000
ff8.1250: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
ff8.1250: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
ff8.1250: 000000007fff0000-000000013f2dffff 0x0001/0x0000 0x0000000
ff8.1250: *000000013f2e0000-000000013f2e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f2e1000-000000013f357fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f358000-000000013f358fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f359000-000000013f3a1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3a2000-000000013f3a4fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3a5000-000000013f3a7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3a8000-000000013f3aafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3ab000-000000013f3abfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3ac000-000000013f3adfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3ae000-000000013f3aefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3af000-000000013f3f7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3f8000-000007fefcc2ffff 0x0001/0x0000 0x0000000
ff8.1250: *000007fefcc30000-000007fefcc30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
ff8.1250: 000007fefcc31000-000007fefcc77fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
ff8.1250: 000007fefcc78000-000007fefcc8cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
ff8.1250: 000007fefcc8d000-000007fefcc8efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
ff8.1250: 000007fefcc8f000-000007fefcc96fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
ff8.1250: 000007fefcc97000-000007feff39ffff 0x0001/0x0000 0x0000000
ff8.1250: *000007feff3a0000-000007feff3a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
ff8.1250: 000007feff3a1000-000007fffffaffff 0x0001/0x0000 0x0000000
ff8.1250: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000
ff8.1250: 000007fffffd3000-000007fffffd3fff 0x0001/0x0000 0x0000000
ff8.1250: *000007fffffd4000-000007fffffd4fff 0x0004/0x0004 0x0020000
ff8.1250: 000007fffffd5000-000007fffffddfff 0x0001/0x0000 0x0000000
ff8.1250: *000007fffffde000-000007fffffdffff 0x0004/0x0004 0x0020000
ff8.1250: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000
ff8.1250: apisetschema.dll: timestamp 0x5e0eb63f (rc=VINF_SUCCESS)
ff8.1250: kernelbase.dll: timestamp 0x5e0eb6bd (rc=VINF_SUCCESS)
ff8.1250: VirtualBoxVM.exe: timestamp 0x60898c77 (rc=VINF_SUCCESS)
ff8.1250: kernel32.dll: timestamp 0x5e0eb6bc (rc=VINF_SUCCESS)
ff8.1250: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
ff8.1250: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
ff8.1250: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
ff8.1250: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
ff8.1250: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
ff8.1250: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
ff8.1250: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
ff8.1250: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
ff8.1250: supR3HardNtEnableThreadCreationEx:
ff8.1250: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000770e3730 pvNtTerminateThread=0000000077109cd0
ff8.1250: supR3HardenedWinDoReSpawn(1): New child 137c.1090 [kernel32].
ff8.1250: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd7000 cbPeb=0x380
ff8.1250: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000770a0000 uNtDllChildAddr=00000000770a0000
ff8.1250: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000770e3730
ff8.1250: supR3HardenedWinSetupChildInit: Initial context:
rax=0000000000000000 rbx=0000000000000000 rcx=000000013f2e7900 rdx=000007fffffd7000
rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
rip=00000000770f3710 rsp=00000000001bfa58 rbp=0000000000000000 ctxflags=0010001b
cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
ff8.1250: supR3HardenedWinSetupChildInit: Start child.
ff8.1250: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
ff8.1250: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 65 sleeps
ff8.1250: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
ff8.1250: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000
ff8.1250: *0000000000010000-000000000002ffff 0x0004/0x0004 0x0020000
ff8.1250: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000
ff8.1250: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000
ff8.1250: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000
ff8.1250: 0000000000041000-00000000000bffff 0x0001/0x0000 0x0000000
ff8.1250: *00000000000c0000-00000000001bbfff 0x0000/0x0004 0x0020000
ff8.1250: 00000000001bc000-00000000001bdfff 0x0104/0x0004 0x0020000
ff8.1250: 00000000001be000-00000000001bffff 0x0004/0x0004 0x0020000
ff8.1250: 00000000001c0000-000000007709ffff 0x0001/0x0000 0x0000000
ff8.1250: *00000000770a0000-00000000770a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 00000000770a1000-00000000771c4fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 00000000771c5000-00000000771cafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 00000000771cb000-00000000771cbfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 00000000771cc000-00000000771d3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 00000000771d4000-000000007723efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
ff8.1250: 000000007723f000-000000007efdffff 0x0001/0x0000 0x0000000
ff8.1250: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000
ff8.1250: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
ff8.1250: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
ff8.1250: 000000007fff0000-000000013f2dffff 0x0001/0x0000 0x0000000
ff8.1250: *000000013f2e0000-000000013f2e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f2e1000-000000013f357fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f358000-000000013f358fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f359000-000000013f3a1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3a2000-000000013f3a2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3a3000-000000013f3a3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3a4000-000000013f3a8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3a9000-000000013f3a9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3aa000-000000013f3aafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3ab000-000000013f3aefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3af000-000000013f3f7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
ff8.1250: 000000013f3f8000-000007feff39ffff 0x0001/0x0000 0x0000000
ff8.1250: *000007feff3a0000-000007feff3a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
ff8.1250: 000007feff3a1000-000007fffffaffff 0x0001/0x0000 0x0000000
ff8.1250: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000
ff8.1250: 000007fffffd3000-000007fffffd6fff 0x0001/0x0000 0x0000000
ff8.1250: *000007fffffd7000-000007fffffd7fff 0x0004/0x0004 0x0020000
ff8.1250: 000007fffffd8000-000007fffffddfff 0x0001/0x0000 0x0000000
ff8.1250: *000007fffffde000-000007fffffdffff 0x0004/0x0004 0x0020000
ff8.1250: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000
ff8.1250: supR3HardNtChildPurify: Done after 525 ms and 0 fixes (loop #0).
137c.1090: Log file opened: 6.1.22r144080 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
137c.1090: supR3HardenedVmProcessInit: uNtDllAddr=00000000770a0000 g_uNtVerCombined=0x611db100 (stack ~00000000001bf508)
137c.1090: ntdll.dll: timestamp 0x5e0eb67f (rc=VINF_SUCCESS)
137c.1090: New simple heap: #1 00000000002c0000 LB 0x400000 (for 1699840 allocation)
ff8.1250: supR3HardNtEnableThreadCreationEx:
137c.1090: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
137c.1090: System32: \Device\HarddiskVolume2\Windows\System32
137c.1090: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
137c.1090: KnownDllPath: C:\Windows\system32
137c.1090: supR3HardenedVmProcessInit: Opening vboxdrv stub...
137c.1090: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
137c.1090: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
137c.1090: Registered Dll notification callback with NTDLL.
137c.1090: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
137c.1090: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
137c.1090: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
137c.1090: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
137c.1090: supR3HardenedDllNotificationCallback: load 0000000076f80000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
137c.1090: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
137c.1090: supR3HardenedDllNotificationCallback: load 000007fefcc30000 LB 0x00067000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
137c.1090: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
137c.1090: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
137c.1090: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076f80000 'C:\Windows\system32\kernel32.dll'
137c.1090: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000770e3730 pvNtTerminateThread=0000000077109cd0
ff8.1250: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 52 ms.
137c.1090: \SystemRoot\System32\ntdll.dll:
137c.1090: CreationTime: 2021-06-01T09:33:57.725948900Z
137c.1090: LastWriteTime: 2020-01-03T03:35:05.302579400Z
137c.1090: ChangeTime: 2021-06-01T09:37:19.505903000Z
137c.1090: FileAttributes: 0x20
137c.1090: Size: 0x198080
137c.1090: NT Headers: 0xe0
137c.1090: Timestamp: 0x5e0eb67f
137c.1090: Machine: 0x8664 - amd64
137c.1090: Timestamp: 0x5e0eb67f
137c.1090: Image Version: 6.1
137c.1090: SizeOfImage: 0x19f000 (1699840)
137c.1090: Resource Dir: 0x142000 LB 0x5a038
137c.1090: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
137c.1090: [Raw version resource data: 0x1420f0 LB 0x38c, codepage 0x0 (reserved 0x0)]
137c.1090: ProductName: Microsoft® Windows® Operating System
137c.1090: ProductVersion: 6.1.7601.24545
137c.1090: FileVersion: 6.1.7601.24545 (win7sp1_ldr_escrow.200102-1707)
137c.1090: FileDescription: NT Layer DLL
137c.1090: \SystemRoot\System32\kernel32.dll:
137c.1090: CreationTime: 2021-06-01T09:34:11.110772400Z
137c.1090: LastWriteTime: 2020-01-03T03:33:39.604000000Z
137c.1090: ChangeTime: 2021-06-01T09:37:20.020703900Z
137c.1090: FileAttributes: 0x20
137c.1090: Size: 0x11be00
137c.1090: NT Headers: 0xe0
137c.1090: Timestamp: 0x5e0eb6bc
137c.1090: Machine: 0x8664 - amd64
137c.1090: Timestamp: 0x5e0eb6bc
137c.1090: Image Version: 6.1
137c.1090: SizeOfImage: 0x11f000 (1175552)
137c.1090: Resource Dir: 0x116000 LB 0x530
137c.1090: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
137c.1090: [Raw version resource data: 0x1160b0 LB 0x3b0, codepage 0x0 (reserved 0x0)]
137c.1090: ProductName: Microsoft® Windows® Operating System
137c.1090: ProductVersion: 6.1.7601.24545
137c.1090: FileVersion: 6.1.7601.24545 (win7sp1_ldr_escrow.200102-1707)
137c.1090: FileDescription: Windows NT BASE API Client DLL
137c.1090: \SystemRoot\System32\KernelBase.dll:
137c.1090: CreationTime: 2021-06-01T09:34:14.854778900Z
137c.1090: LastWriteTime: 2020-01-03T03:33:39.604000000Z
137c.1090: ChangeTime: 2021-06-01T09:37:20.161104200Z
137c.1090: FileAttributes: 0x20
137c.1090: Size: 0x63c00
137c.1090: NT Headers: 0xe8
137c.1090: Timestamp: 0x5e0eb6bd
137c.1090: Machine: 0x8664 - amd64
137c.1090: Timestamp: 0x5e0eb6bd
137c.1090: Image Version: 6.1
137c.1090: SizeOfImage: 0x67000 (421888)
137c.1090: Resource Dir: 0x65000 LB 0x538
137c.1090: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
137c.1090: [Raw version resource data: 0x650b0 LB 0x3b8, codepage 0x0 (reserved 0x0)]
137c.1090: ProductName: Microsoft® Windows® Operating System
137c.1090: ProductVersion: 6.1.7601.24545
137c.1090: FileVersion: 6.1.7601.24545 (win7sp1_ldr_escrow.200102-1707)
137c.1090: FileDescription: Windows NT BASE API Client DLL
137c.1090: \SystemRoot\System32\apisetschema.dll:
137c.1090: CreationTime: 2021-06-01T09:34:12.467974800Z
137c.1090: LastWriteTime: 2020-01-03T03:33:11.406000000Z
137c.1090: ChangeTime: 2021-06-01T09:37:19.521503100Z
137c.1090: FileAttributes: 0x20
137c.1090: Size: 0x1c00
137c.1090: NT Headers: 0xc0
137c.1090: Timestamp: 0x5e0eb63f
137c.1090: Machine: 0x8664 - amd64
137c.1090: Timestamp: 0x5e0eb63f
137c.1090: Image Version: 6.1
137c.1090: SizeOfImage: 0x50000 (327680)
137c.1090: Resource Dir: 0x30000 LB 0x408
137c.1090: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
137c.1090: [Raw version resource data: 0x30060 LB 0x3a4, codepage 0x0 (reserved 0x0)]
137c.1090: ProductName: Microsoft® Windows® Operating System
137c.1090: ProductVersion: 6.1.7601.24545
137c.1090: FileVersion: 6.1.7601.24545 (win7sp1_ldr_escrow.200102-1707)
137c.1090: FileDescription: ApiSet Schema DLL
137c.1090: NtOpenDirectoryObject failed on \Driver: 0xc0000022
137c.1090: supR3HardenedWinFindAdversaries: 0x480
137c.1090: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
137c.1090: CreationTime: 2021-06-03T10:10:51.070159700Z
137c.1090: LastWriteTime: 2021-06-03T10:10:51.070159700Z
137c.1090: ChangeTime: 2021-06-03T10:10:51.096161200Z
137c.1090: FileAttributes: 0x20
137c.1090: Size: 0x3cca0
137c.1090: NT Headers: 0xf0
137c.1090: Timestamp: 0x5fd26d8f
137c.1090: Machine: 0x8664 - amd64
137c.1090: Timestamp: 0x5fd26d8f
137c.1090: Image Version: 10.0
137c.1090: SizeOfImage: 0x3f000 (258048)
137c.1090: Resource Dir: 0x3d000 LB 0x3b8
137c.1090: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
137c.1090: [Raw version resource data: 0x3d060 LB 0x358, codepage 0x0 (reserved 0x0)]
137c.1090: ProductName: Malwarebytes SwissArmy
137c.1090: ProductVersion: 4.3.0.179
137c.1090: FileVersion: 4.3.0.179
137c.1090: FileDescription: Malwarebytes SwissArmy
137c.1090: \SystemRoot\System32\drivers\mwac.sys:
137c.1090: CreationTime: 2021-06-10T14:48:28.356425700Z
137c.1090: LastWriteTime: 2021-06-10T14:48:28.356425700Z
137c.1090: ChangeTime: 2021-06-10T14:48:28.356425700Z
137c.1090: FileAttributes: 0x20
137c.1090: Size: 0x23ab8
137c.1090: NT Headers: 0xe8
137c.1090: Timestamp: 0x60649145
137c.1090: Machine: 0x8664 - amd64
137c.1090: Timestamp: 0x60649145
137c.1090: Image Version: 10.0
137c.1090: SizeOfImage: 0x28000 (163840)
137c.1090: Resource Dir: 0x26000 LB 0x380
137c.1090: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
137c.1090: [Raw version resource data: 0x26060 LB 0x320, codepage 0x0 (reserved 0x0)]
137c.1090: ProductName: Malwarebytes Web Protection
137c.1090: ProductVersion: 1.0.0.107
137c.1090: FileVersion: 1.0.0.107
137c.1090: FileDescription: Malwarebytes Web Protection
137c.1090: \SystemRoot\System32\drivers\mbamchameleon.sys:
137c.1090: CreationTime: 2021-06-10T14:48:27.116423900Z
137c.1090: LastWriteTime: 2021-06-10T14:48:27.116423900Z
137c.1090: ChangeTime: 2021-06-10T14:48:27.136423900Z
137c.1090: FileAttributes: 0x20
137c.1090: Size: 0x35e50
137c.1090: NT Headers: 0xf8
137c.1090: Timestamp: 0x6058acb0
137c.1090: Machine: 0x8664 - amd64
137c.1090: Timestamp: 0x6058acb0
137c.1090: Image Version: 10.0
137c.1090: SizeOfImage: 0x38000 (229376)
137c.1090: Resource Dir: 0x36000 LB 0x3b8
137c.1090: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
137c.1090: [Raw version resource data: 0x36060 LB 0x358, codepage 0x0 (reserved 0x0)]
137c.1090: ProductName: Malwarebytes Chameleon
137c.1090: ProductVersion: 3.1.0.328
137c.1090: FileVersion: 3.1.0.328
137c.1090: FileDescription: Malwarebytes Chameleon
137c.1090: \SystemRoot\System32\drivers\mbam.sys:
137c.1090: CreationTime: 2021-06-10T14:48:34.411255500Z
137c.1090: LastWriteTime: 2021-06-10T14:48:34.395655500Z
137c.1090: ChangeTime: 2021-06-10T14:48:34.395655500Z
137c.1090: FileAttributes: 0x20
137c.1090: Size: 0x12eb8
137c.1090: NT Headers: 0xd8
137c.1090: Timestamp: 0x5fd245b7
137c.1090: Machine: 0x8664 - amd64
137c.1090: Timestamp: 0x5fd245b7
137c.1090: Image Version: 10.0
137c.1090: SizeOfImage: 0x14000 (81920)
137c.1090: Resource Dir: 0x12000 LB 0x3c0
137c.1090: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
137c.1090: [Raw version resource data: 0x12060 LB 0x360, codepage 0x0 (reserved 0x0)]
137c.1090: ProductName: Malwarebytes Real-Time Protection
137c.1090: ProductVersion: 3.1.0.201
137c.1090: FileVersion: 3.1.0.201
137c.1090: FileDescription: Malwarebytes Real-Time Protection
137c.1090: \SystemRoot\System32\drivers\MpFilter.sys:
137c.1090: CreationTime: 2015-11-13T05:50:26.000000000Z
137c.1090: LastWriteTime: 2015-11-13T05:50:26.000000000Z
137c.1090: ChangeTime: 2021-06-03T09:52:18.349211800Z
137c.1090: FileAttributes: 0x20
137c.1090: Size: 0x46960
137c.1090: NT Headers: 0xe8
137c.1090: Timestamp: 0x56330e4f
137c.1090: Machine: 0x8664 - amd64
137c.1090: Timestamp: 0x56330e4f
137c.1090: Image Version: 6.3
137c.1090: SizeOfImage: 0x44000 (278528)
137c.1090: Resource Dir: 0x42000 LB 0xd90
137c.1090: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
137c.1090: [Raw version resource data: 0x42110 LB 0x37c, codepage 0x0 (reserved 0x0)]
137c.1090: ProductName: Microsoft Malware Protection
137c.1090: ProductVersion: 4.9.0210.0
137c.1090: FileVersion: 4.9.0210.0
137c.1090: FileDescription: Microsoft antimalware file system filter driver
137c.1090: \SystemRoot\System32\drivers\NisDrvWFP.sys:
137c.1090: CreationTime: 2013-09-27T06:53:06.000000000Z
137c.1090: LastWriteTime: 2015-11-13T05:50:26.000000000Z
137c.1090: ChangeTime: 2021-06-03T09:52:18.305209300Z
137c.1090: FileAttributes: 0x20
137c.1090: Size: 0x20ab8
137c.1090: NT Headers: 0xe0
137c.1090: Timestamp: 0x56330e8a
137c.1090: Machine: 0x8664 - amd64
137c.1090: Timestamp: 0x56330e8a
137c.1090: Image Version: 6.3
137c.1090: SizeOfImage: 0x1f000 (126976)
137c.1090: Resource Dir: 0x1c000 LB 0x1b90
137c.1090: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
137c.1090: [Raw version resource data: 0x1d728 LB 0x380, codepage 0x0 (reserved 0x0)]
137c.1090: ProductName: Microsoft Malware Protection
137c.1090: ProductVersion: 4.9.0210.0
137c.1090: FileVersion: 4.9.0210.0
137c.1090: FileDescription: Microsoft Network Realtime Inspection Driver
137c.1090: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
137c.1090: Calling main()
137c.1090: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
137c.1090: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
137c.1090: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
137c.1090: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
137c.1090: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
137c.1090: SUPR3HardenedMain: Respawn #2
137c.1090: supR3HardNtEnableThreadCreationEx:
137c.1090: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
137c.1090: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
137c.1090: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
137c.1090: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
137c.1090: supR3HardenedDllNotificationCallback: load 000007fefca30000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
137c.1090: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
137c.1090: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca30000 'C:\Windows\system32\apphelp.dll'
137c.1090: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000770e3730 pvNtTerminateThread=0000000077109cd0
137c.1090: supR3HardenedWinDoReSpawn(2): New child 1130.25c [kernel32].
137c.1090: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdc000 cbPeb=0x380
137c.1090: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000770a0000 uNtDllChildAddr=00000000770a0000
137c.1090: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000770e3730
137c.1090: supR3HardenedWinSetupChildInit: Initial context:
rax=0000000000000000 rbx=0000000000000000 rcx=000000013f2e7900 rdx=000007fffffdc000
rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
rip=00000000770f3710 rsp=000000000030f7e8 rbp=0000000000000000 ctxflags=0010001b
cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
137c.1090: kernel32.dll: timestamp 0x5e0eb6bc (rc=VINF_SUCCESS)
137c.1090: supR3HardenedWinSetupChildInit: Start child.
137c.1090: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
137c.1090: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 65 sleeps
137c.1090: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
137c.1090: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000
137c.1090: *0000000000010000-000000000002ffff 0x0004/0x0004 0x0020000
137c.1090: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000
137c.1090: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000
137c.1090: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000
137c.1090: 0000000000041000-000000000020ffff 0x0001/0x0000 0x0000000
137c.1090: *0000000000210000-000000000030bfff 0x0000/0x0004 0x0020000
137c.1090: 000000000030c000-000000000030dfff 0x0104/0x0004 0x0020000
137c.1090: 000000000030e000-000000000030ffff 0x0004/0x0004 0x0020000
137c.1090: 0000000000310000-000000007709ffff 0x0001/0x0000 0x0000000
137c.1090: *00000000770a0000-00000000770a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
137c.1090: 00000000770a1000-00000000771c4fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
137c.1090: 00000000771c5000-00000000771cafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
137c.1090: 00000000771cb000-00000000771cbfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
137c.1090: 00000000771cc000-00000000771d3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
137c.1090: 00000000771d4000-000000007723efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
137c.1090: 000000007723f000-000000007efdffff 0x0001/0x0000 0x0000000
137c.1090: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000
137c.1090: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
137c.1090: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
137c.1090: 000000007fff0000-000000013f2dffff 0x0001/0x0000 0x0000000
137c.1090: *000000013f2e0000-000000013f2e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
137c.1090: 000000013f2e1000-000000013f357fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
137c.1090: 000000013f358000-000000013f358fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
137c.1090: 000000013f359000-000000013f3a1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
137c.1090: 000000013f3a2000-000000013f3a2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
137c.1090: 000000013f3a3000-000000013f3a3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
137c.1090: 000000013f3a4000-000000013f3a8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
137c.1090: 000000013f3a9000-000000013f3a9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
137c.1090: 000000013f3aa000-000000013f3aafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
137c.1090: 000000013f3ab000-000000013f3aefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
137c.1090: 000000013f3af000-000000013f3f7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
137c.1090: 000000013f3f8000-000007feff39ffff 0x0001/0x0000 0x0000000
137c.1090: *000007feff3a0000-000007feff3a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
137c.1090: 000007feff3a1000-000007fffffaffff 0x0001/0x0000 0x0000000
137c.1090: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000
137c.1090: 000007fffffd3000-000007fffffdbfff 0x0001/0x0000 0x0000000
137c.1090: *000007fffffdc000-000007fffffdcfff 0x0004/0x0004 0x0020000
137c.1090: 000007fffffdd000-000007fffffddfff 0x0001/0x0000 0x0000000
137c.1090: *000007fffffde000-000007fffffdffff 0x0004/0x0004 0x0020000
137c.1090: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000
137c.1090: apisetschema.dll: timestamp 0x5e0eb63f (rc=VINF_SUCCESS)
137c.1090: VirtualBoxVM.exe: timestamp 0x60898c77 (rc=VINF_SUCCESS)
137c.1090: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
137c.1090: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
137c.1090: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
137c.1090: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
137c.1090: supR3HardNtChildPurify: Done after 571 ms and 0 fixes (loop #0).
1130.25c: Log file opened: 6.1.22r144080 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
1130.25c: supR3HardenedVmProcessInit: uNtDllAddr=00000000770a0000 g_uNtVerCombined=0x611db100 (stack ~000000000030f298)
137c.1090: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002c0000 LB 0x400000)
137c.1090: supR3HardNtEnableThreadCreationEx:
1130.25c: ntdll.dll: timestamp 0x5e0eb67f (rc=VINF_SUCCESS)
1130.25c: New simple heap: #1 0000000000310000 LB 0x400000 (for 1699840 allocation)
1130.25c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
1130.25c: System32: \Device\HarddiskVolume2\Windows\System32
1130.25c: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
1130.25c: KnownDllPath: C:\Windows\system32
1130.25c: supR3HardenedVmProcessInit: Opening vboxdrv...
1130.25c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
1130.25c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
1130.25c: Registered Dll notification callback with NTDLL.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 0000000076f80000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefcc30000 LB 0x00067000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076f80000 'C:\Windows\system32\kernel32.dll'
1130.25c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000770e3730 pvNtTerminateThread=0000000077109cd0
137c.1090: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 56 ms.
1130.25c: \SystemRoot\System32\ntdll.dll:
1130.25c: CreationTime: 2021-06-01T09:33:57.725948900Z
1130.25c: LastWriteTime: 2020-01-03T03:35:05.302579400Z
1130.25c: ChangeTime: 2021-06-01T09:37:19.505903000Z
1130.25c: FileAttributes: 0x20
1130.25c: Size: 0x198080
1130.25c: NT Headers: 0xe0
1130.25c: Timestamp: 0x5e0eb67f
1130.25c: Machine: 0x8664 - amd64
1130.25c: Timestamp: 0x5e0eb67f
1130.25c: Image Version: 6.1
1130.25c: SizeOfImage: 0x19f000 (1699840)
1130.25c: Resource Dir: 0x142000 LB 0x5a038
1130.25c: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1130.25c: [Raw version resource data: 0x1420f0 LB 0x38c, codepage 0x0 (reserved 0x0)]
1130.25c: ProductName: Microsoft® Windows® Operating System
1130.25c: ProductVersion: 6.1.7601.24545
1130.25c: FileVersion: 6.1.7601.24545 (win7sp1_ldr_escrow.200102-1707)
1130.25c: FileDescription: NT Layer DLL
1130.25c: \SystemRoot\System32\kernel32.dll:
1130.25c: CreationTime: 2021-06-01T09:34:11.110772400Z
1130.25c: LastWriteTime: 2020-01-03T03:33:39.604000000Z
1130.25c: ChangeTime: 2021-06-01T09:37:20.020703900Z
1130.25c: FileAttributes: 0x20
1130.25c: Size: 0x11be00
1130.25c: NT Headers: 0xe0
1130.25c: Timestamp: 0x5e0eb6bc
1130.25c: Machine: 0x8664 - amd64
1130.25c: Timestamp: 0x5e0eb6bc
1130.25c: Image Version: 6.1
1130.25c: SizeOfImage: 0x11f000 (1175552)
1130.25c: Resource Dir: 0x116000 LB 0x530
1130.25c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
1130.25c: [Raw version resource data: 0x1160b0 LB 0x3b0, codepage 0x0 (reserved 0x0)]
1130.25c: ProductName: Microsoft® Windows® Operating System
1130.25c: ProductVersion: 6.1.7601.24545
1130.25c: FileVersion: 6.1.7601.24545 (win7sp1_ldr_escrow.200102-1707)
1130.25c: FileDescription: Windows NT BASE API Client DLL
1130.25c: \SystemRoot\System32\KernelBase.dll:
1130.25c: CreationTime: 2021-06-01T09:34:14.854778900Z
1130.25c: LastWriteTime: 2020-01-03T03:33:39.604000000Z
1130.25c: ChangeTime: 2021-06-01T09:37:20.161104200Z
1130.25c: FileAttributes: 0x20
1130.25c: Size: 0x63c00
1130.25c: NT Headers: 0xe8
1130.25c: Timestamp: 0x5e0eb6bd
1130.25c: Machine: 0x8664 - amd64
1130.25c: Timestamp: 0x5e0eb6bd
1130.25c: Image Version: 6.1
1130.25c: SizeOfImage: 0x67000 (421888)
1130.25c: Resource Dir: 0x65000 LB 0x538
1130.25c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
1130.25c: [Raw version resource data: 0x650b0 LB 0x3b8, codepage 0x0 (reserved 0x0)]
1130.25c: ProductName: Microsoft® Windows® Operating System
1130.25c: ProductVersion: 6.1.7601.24545
1130.25c: FileVersion: 6.1.7601.24545 (win7sp1_ldr_escrow.200102-1707)
1130.25c: FileDescription: Windows NT BASE API Client DLL
1130.25c: \SystemRoot\System32\apisetschema.dll:
1130.25c: CreationTime: 2021-06-01T09:34:12.467974800Z
1130.25c: LastWriteTime: 2020-01-03T03:33:11.406000000Z
1130.25c: ChangeTime: 2021-06-01T09:37:19.521503100Z
1130.25c: FileAttributes: 0x20
1130.25c: Size: 0x1c00
1130.25c: NT Headers: 0xc0
1130.25c: Timestamp: 0x5e0eb63f
1130.25c: Machine: 0x8664 - amd64
1130.25c: Timestamp: 0x5e0eb63f
1130.25c: Image Version: 6.1
1130.25c: SizeOfImage: 0x50000 (327680)
1130.25c: Resource Dir: 0x30000 LB 0x408
1130.25c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1130.25c: [Raw version resource data: 0x30060 LB 0x3a4, codepage 0x0 (reserved 0x0)]
1130.25c: ProductName: Microsoft® Windows® Operating System
1130.25c: ProductVersion: 6.1.7601.24545
1130.25c: FileVersion: 6.1.7601.24545 (win7sp1_ldr_escrow.200102-1707)
1130.25c: FileDescription: ApiSet Schema DLL
1130.25c: NtOpenDirectoryObject failed on \Driver: 0xc0000022
1130.25c: supR3HardenedWinFindAdversaries: 0x480
1130.25c: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
1130.25c: CreationTime: 2021-06-03T10:10:51.070159700Z
1130.25c: LastWriteTime: 2021-06-03T10:10:51.070159700Z
1130.25c: ChangeTime: 2021-06-03T10:10:51.096161200Z
1130.25c: FileAttributes: 0x20
1130.25c: Size: 0x3cca0
1130.25c: NT Headers: 0xf0
1130.25c: Timestamp: 0x5fd26d8f
1130.25c: Machine: 0x8664 - amd64
1130.25c: Timestamp: 0x5fd26d8f
1130.25c: Image Version: 10.0
1130.25c: SizeOfImage: 0x3f000 (258048)
1130.25c: Resource Dir: 0x3d000 LB 0x3b8
1130.25c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1130.25c: [Raw version resource data: 0x3d060 LB 0x358, codepage 0x0 (reserved 0x0)]
1130.25c: ProductName: Malwarebytes SwissArmy
1130.25c: ProductVersion: 4.3.0.179
1130.25c: FileVersion: 4.3.0.179
1130.25c: FileDescription: Malwarebytes SwissArmy
1130.25c: \SystemRoot\System32\drivers\mwac.sys:
1130.25c: CreationTime: 2021-06-10T14:48:28.356425700Z
1130.25c: LastWriteTime: 2021-06-10T14:48:28.356425700Z
1130.25c: ChangeTime: 2021-06-10T14:48:28.356425700Z
1130.25c: FileAttributes: 0x20
1130.25c: Size: 0x23ab8
1130.25c: NT Headers: 0xe8
1130.25c: Timestamp: 0x60649145
1130.25c: Machine: 0x8664 - amd64
1130.25c: Timestamp: 0x60649145
1130.25c: Image Version: 10.0
1130.25c: SizeOfImage: 0x28000 (163840)
1130.25c: Resource Dir: 0x26000 LB 0x380
1130.25c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1130.25c: [Raw version resource data: 0x26060 LB 0x320, codepage 0x0 (reserved 0x0)]
1130.25c: ProductName: Malwarebytes Web Protection
1130.25c: ProductVersion: 1.0.0.107
1130.25c: FileVersion: 1.0.0.107
1130.25c: FileDescription: Malwarebytes Web Protection
1130.25c: \SystemRoot\System32\drivers\mbamchameleon.sys:
1130.25c: CreationTime: 2021-06-10T14:48:27.116423900Z
1130.25c: LastWriteTime: 2021-06-10T14:48:27.116423900Z
1130.25c: ChangeTime: 2021-06-10T14:48:27.136423900Z
1130.25c: FileAttributes: 0x20
1130.25c: Size: 0x35e50
1130.25c: NT Headers: 0xf8
1130.25c: Timestamp: 0x6058acb0
1130.25c: Machine: 0x8664 - amd64
1130.25c: Timestamp: 0x6058acb0
1130.25c: Image Version: 10.0
1130.25c: SizeOfImage: 0x38000 (229376)
1130.25c: Resource Dir: 0x36000 LB 0x3b8
1130.25c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1130.25c: [Raw version resource data: 0x36060 LB 0x358, codepage 0x0 (reserved 0x0)]
1130.25c: ProductName: Malwarebytes Chameleon
1130.25c: ProductVersion: 3.1.0.328
1130.25c: FileVersion: 3.1.0.328
1130.25c: FileDescription: Malwarebytes Chameleon
1130.25c: \SystemRoot\System32\drivers\mbam.sys:
1130.25c: CreationTime: 2021-06-10T14:48:34.411255500Z
1130.25c: LastWriteTime: 2021-06-10T14:48:34.395655500Z
1130.25c: ChangeTime: 2021-06-10T14:48:34.395655500Z
1130.25c: FileAttributes: 0x20
1130.25c: Size: 0x12eb8
1130.25c: NT Headers: 0xd8
1130.25c: Timestamp: 0x5fd245b7
1130.25c: Machine: 0x8664 - amd64
1130.25c: Timestamp: 0x5fd245b7
1130.25c: Image Version: 10.0
1130.25c: SizeOfImage: 0x14000 (81920)
1130.25c: Resource Dir: 0x12000 LB 0x3c0
1130.25c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1130.25c: [Raw version resource data: 0x12060 LB 0x360, codepage 0x0 (reserved 0x0)]
1130.25c: ProductName: Malwarebytes Real-Time Protection
1130.25c: ProductVersion: 3.1.0.201
1130.25c: FileVersion: 3.1.0.201
1130.25c: FileDescription: Malwarebytes Real-Time Protection
1130.25c: \SystemRoot\System32\drivers\MpFilter.sys:
1130.25c: CreationTime: 2015-11-13T05:50:26.000000000Z
1130.25c: LastWriteTime: 2015-11-13T05:50:26.000000000Z
1130.25c: ChangeTime: 2021-06-03T09:52:18.349211800Z
1130.25c: FileAttributes: 0x20
1130.25c: Size: 0x46960
1130.25c: NT Headers: 0xe8
1130.25c: Timestamp: 0x56330e4f
1130.25c: Machine: 0x8664 - amd64
1130.25c: Timestamp: 0x56330e4f
1130.25c: Image Version: 6.3
1130.25c: SizeOfImage: 0x44000 (278528)
1130.25c: Resource Dir: 0x42000 LB 0xd90
1130.25c: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1130.25c: [Raw version resource data: 0x42110 LB 0x37c, codepage 0x0 (reserved 0x0)]
1130.25c: ProductName: Microsoft Malware Protection
1130.25c: ProductVersion: 4.9.0210.0
1130.25c: FileVersion: 4.9.0210.0
1130.25c: FileDescription: Microsoft antimalware file system filter driver
1130.25c: \SystemRoot\System32\drivers\NisDrvWFP.sys:
1130.25c: CreationTime: 2013-09-27T06:53:06.000000000Z
1130.25c: LastWriteTime: 2015-11-13T05:50:26.000000000Z
1130.25c: ChangeTime: 2021-06-03T09:52:18.305209300Z
1130.25c: FileAttributes: 0x20
1130.25c: Size: 0x20ab8
1130.25c: NT Headers: 0xe0
1130.25c: Timestamp: 0x56330e8a
1130.25c: Machine: 0x8664 - amd64
1130.25c: Timestamp: 0x56330e8a
1130.25c: Image Version: 6.3
1130.25c: SizeOfImage: 0x1f000 (126976)
1130.25c: Resource Dir: 0x1c000 LB 0x1b90
1130.25c: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
1130.25c: [Raw version resource data: 0x1d728 LB 0x380, codepage 0x0 (reserved 0x0)]
1130.25c: ProductName: Microsoft Malware Protection
1130.25c: ProductVersion: 4.9.0210.0
1130.25c: FileVersion: 4.9.0210.0
1130.25c: FileDescription: Microsoft Network Realtime Inspection Driver
1130.25c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
1130.25c: Calling main()
1130.25c: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
1130.25c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
1130.25c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
1130.25c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
1130.25c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
1130.25c: SUPR3HardenedMain: Final process, opening VBoxDrv...
1130.25c: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000310000 LB 0x400000)
1130.25c: supR3HardNtEnableThreadCreationEx:
1130.25c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll: Signature #1/2: info status: 24202
1130.25c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030b121:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fef9830000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000003088a1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9830000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000003088a1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9830000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9830000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030cf31:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefcf30000 LB 0x0003b000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefed90000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefcda0000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefcc00000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefcfd0000 LB 0x0012c000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf30000 'C:\Windows\system32\Wintrust.dll'
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030cf31:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefc510000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc510000 'C:\Windows\system32\bcrypt.dll'
1130.25c: bcrypt.dll loaded at 000007fefc510000, BCryptOpenAlgorithmProvider at 000007fefc512460, preloading providers:
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030cf11:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefc480000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefee30000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007feff370000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc480000 'C:\Windows\system32\bcryptprimitives.dll'
1130.25c: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000078c660)
1130.25c: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=000000000078d620)
1130.25c: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=000000000078d750)
1130.25c: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=000000000078d970)
1130.25c: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=000000000078daa0)
1130.25c: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=000000000078dbd0)
1130.25c: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=000000000078de20)
1130.25c: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=000000000078df50)
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030ca81:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefc5d0000 LB 0x00018000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc5d0000 'C:\Windows\system32\CRYPTSP.dll'
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030ca11:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefc080000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc080000 'C:\Windows\system32\rsaenh.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c2a1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee30000 'C:\Windows\system32\ADVAPI32.dll'
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c621:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefca90000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca90000 'C:\Windows\system32\CRYPTBASE.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c051:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076f80000 'C:\Windows\system32\kernel32.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c9e1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf30000 'C:\Windows\system32\WINTRUST.DLL'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000030c811:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\CRYPT32.dll'
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c861:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007feff270000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff270000 'C:\Windows\system32\imagehlp.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c9b1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc5d0000 'C:\Windows\system32\CRYPTSP.dll'
1130.25c: \Device\HarddiskVolume2\Windows\System32\user32.dll: Owner is administrators group.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c4e1:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 0000000076e80000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefd600000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\lpk.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefecc0000 LB 0x000cb000 C:\Windows\system32\USP10.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\usp10.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030b9e1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd600000 'C:\Windows\system32\gdi32.dll'
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030b321:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefefb0000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefdbe0000 LB 0x0010b000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefefb0000 'C:\Windows\system32\IMM32.DLL'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076e80000 'C:\Windows\system32\USER32.dll'
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ncrypt.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c7e1:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefc540000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc540000 'C:\Windows\system32\ncrypt.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c5d1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc510000 'C:\Windows\system32\bcrypt.dll'
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\userenv.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\userenv.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030bf61:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefcf10000 LB 0x0001f000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefcbf0000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf10000 'C:\Windows\system32\USERENV.dll'
1130.25c: supR3HardenedIsApiSetDll: '<NULL>' -> true
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030bcc1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff370000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1130.25c: supR3HardenedIsApiSetDll: '<NULL>' -> true
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030c051:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff370000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c281:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefbe90000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe90000 'C:\Windows\system32\GPAPI.dll'
1130.25c: supR3HardenedIsApiSetDll: '<NULL>' -> true
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030c1d1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff370000 'API-MS-WIN-Service-Management-L1-1-0.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030b8d1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcfd0000 'C:\Windows\system32\rpcrt4.dll'
1130.25c: supR3HardenedIsApiSetDll: '<NULL>' -> true
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030c1b1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff370000 'API-MS-WIN-Service-Management-L2-1-0.dll'
1130.25c: supR3HardenedIsApiSetDll: '<NULL>' -> true
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030c1c1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff370000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume2\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\Wldap32.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030bcc1:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fef6aa0000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefdcf0000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000030aef1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6aa0000 'C:\Windows\system32\cryptnet.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000030aef1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6aa0000 'C:\Windows\system32\cryptnet.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000030aef1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6aa0000 'C:\Windows\system32\cryptnet.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000030aef1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6aa0000 'C:\Windows\system32\cryptnet.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000030aef1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6aa0000 'C:\Windows\system32\cryptnet.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=000000000030aef1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6aa0000 'C:\Windows\system32\cryptnet.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6aa0000 'C:\Windows\system32\cryptnet.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6aa0000 'C:\Windows\system32\cryptnet.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6aa0000 'C:\Windows\system32\cryptnet.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6aa0000 'C:\Windows\system32\cryptnet.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6aa0000 'C:\Windows\system32\cryptnet.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6aa0000 'C:\Windows\system32\cryptnet.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6aa0000 'C:\Windows\system32\cryptnet.dll'
1130.25c: supR3HardenedIsApiSetDll: '<NULL>' -> true
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030b5e1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff370000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030b5e1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcbf0000 'C:\Windows\system32\profapi.dll'
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030b071:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007feff170000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff170000 'C:\Windows\system32\SHLWAPI.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c9f1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F8CD815F0CD05638A6894535B0372BF0C0378D10
1130.25c: supR3HardenedIsApiSetDll: '<NULL>' -> true
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030bfa1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff370000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1130.25c: supR3HardenedIsApiSetDll: '<NULL>' -> true
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030bb01:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff370000 'API-MS-WIN-Service-Management-L1-1-0.dll'
1130.25c: supR3HardenedIsApiSetDll: '<NULL>' -> true
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030bb01:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff370000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030bfa1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee30000 'C:\Windows\system32\ADVAPI32.dll'
1130.25c: supR3HardenedIsApiSetDll: '<NULL>' -> true
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030bf51:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff370000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
1130.25c: supR3HardenedIsApiSetDll: '<NULL>' -> true
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000030bc41:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff370000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030c471:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\SystemRoot\System32\ntdll.dll'
1130.25c: g_pfnWinVerifyTrust=000007fefcf31010
1130.25c: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000c4 pwszName=\Device\HarddiskVolume2\Windows\System32\crypt32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EB46C4F6B834DB9328784D5BE3326BD80E3042DA
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030b1e1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
1130.25c: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000b8 pwszName=\Device\HarddiskVolume2\Windows\System32\wintrust.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1F7258EF71AF066FD00F9B71F0DE2B52FBACE45
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030b1e1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000374 pwszName=\Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000368 pwszName=\Device\HarddiskVolume2\Windows\System32\Wldap32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=086A94704E162AB5C6F0ED4BA6DE6C8B4524BA56
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000364 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E4160C19B4AE8E9DA7E4CF6F902F681967E258DC
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000240 pwszName=\Device\HarddiskVolume2\Windows\System32\gpapi.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EBDAA16C3FD93DFF9C20BA3B2689DFF4C8D31061
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3159398~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001ac pwszName=\Device\HarddiskVolume2\Windows\System32\profapi.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\profapi.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a8 pwszName=\Device\HarddiskVolume2\Windows\System32\userenv.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8128043E2DB517CE21AC6C645E17AA014BE6A2CB
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\userenv.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\userenv.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000194 pwszName=\Device\HarddiskVolume2\Windows\System32\ncrypt.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E9B60D8E91DE4B6BD8680A8EA9952E873AF643EE
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000017c pwszName=\Device\HarddiskVolume2\Windows\System32\msctf.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5B282A2631D47B459D3BFB9E19817422A5BDA7C7
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\msctf.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\HarddiskVolume2\Windows\System32\imm32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\imm32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000174 pwszName=\Device\HarddiskVolume2\Windows\System32\usp10.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CCB7F806B584BC833CCB45233D3BC2338D720DD4
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\usp10.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000170 pwszName=\Device\HarddiskVolume2\Windows\System32\lpk.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E2E1B84E3D9D8988B641F2EA9E2FAEF8CEEACAF0
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\lpk.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000016c pwszName=\Device\HarddiskVolume2\Windows\System32\gdi32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=46C6553832B642058240BB0EC294D9684053FA28
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030a881:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000168 pwszName=\Device\HarddiskVolume2\Windows\System32\user32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000083bdd0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FB05A6DD4AF9AC247D37C4B7BAFCCBD178A41E64
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FB05A6DD4AF9AC247D37C4B7BAFCCBD178A41E64
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000006727c0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006727c0
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=7458187B83265348D287AC7AB34C0A5AD0EFDAA5040E43F37D2AC3DBEB747E20
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000164 pwszName=\Device\HarddiskVolume2\Windows\System32\imagehlp.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000118 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptbase.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4B00C47C46ED3B51BBFC3F8FE80751A96F25C3EA
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000114 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptsp.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4D212E5620D5CC7084245971F59495972AE15D84
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume2\Windows\System32\sechost.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CB669FA8DB80F8E50A29D055BB8D558E10E5E6B4
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_85_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\sechost.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000100 pwszName=\Device\HarddiskVolume2\Windows\System32\advapi32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DD8EB2AA54C831F3AF5671C72D3359678F561895
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e8 pwszName=\Device\HarddiskVolume2\Windows\System32\bcrypt.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=392B33B84600AC5ED0D2F6C5EC6F1E2AB7C64234
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000c8 pwszName=\Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000c0 pwszName=\Device\HarddiskVolume2\Windows\System32\msasn1.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000bc pwszName=\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=487CAE399C22924A675FED14D1CB8898D92C81B9
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D8459AE7ED3F113B897E375D67EA01B027C8E524
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume2\Windows\System32\kernel32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F72682744C68FE06FC8B7C2643183184F472F3A1
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xbe6598dfa76cac00 C=EN, CN=Malwarebytes Web Protection
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x3714f47324e8ad00 C=US, O=Internet Security Research Group, CN=ISRG Root X1
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1130.25c: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1130.25c: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=40
1130.25c: SUPR3HardenedMain: Load Runtime...
1130.25c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll: Signature #1/2: info status: 24202
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000390 pwszName=\Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=901DCB8172024F14E25295BF5692180F12FC8C18
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3161949~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1130.25c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll: Signature #1/2: info status: 24202
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1130.25c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003f4 pwszName=\Device\HarddiskVolume2\Windows\System32\nsi.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5C61E0233B4D23762E0FE158DE0FDC6C24988F13
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\nsi.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nsi.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030bd71:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fee8950000 LB 0x005e2000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1130.25c: supR3HardenedDllNotificationCallback: load 00000000745d0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1130.25c: supR3HardenedDllNotificationCallback: load 0000000074480000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefd100000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefcfb0000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309481:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309481:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309481:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309481:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309481:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309481:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309481:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000309481:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8950000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030d8d1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf30000 'C:\Windows\system32\Wintrust.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: SUPR3HardenedMain: Load TrustedMain...
1130.25c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll: Signature #1/2: info status: 24202
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000440 pwszName=\Device\HarddiskVolume2\Windows\System32\winmm.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\winmm.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000444 pwszName=\Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DF3169AB12A33146DE2E4D9C648CB8C041F20136
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000450 pwszName=\Device\HarddiskVolume2\Windows\System32\ole32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41C849408ED6D9A5379745F72C06BA402FAFD6B4
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1130.25c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\ole32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ole32.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\ole32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ole32.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
1130.25c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll: Signature #1/2: info status: 24202
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1130.25c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1130.25c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll: Signature #1/2: info status: 24202
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1130.25c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll: Signature #1/2: info status: 24202
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
1130.25c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll: Signature #1/2: info status: 24202
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000474 pwszName=\Device\HarddiskVolume2\Windows\System32\opengl32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000460 pwszName=\Device\HarddiskVolume2\Windows\System32\ddraw.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ddraw.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000480 pwszName=\Device\HarddiskVolume2\Windows\System32\glu32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\glu32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\glu32.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [redoing WinVerifyTrust]
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000418 pwszName=\Device\HarddiskVolume2\Windows\System32\ole32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41C849408ED6D9A5379745F72C06BA402FAFD6B4
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
1130.25c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
1130.25c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
1130.25c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dciman32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Windows\System32\user32.dll
1130.25c: Error (rc=0):
1130.25c: supR3HardenedScreenImage/Imports: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=16 \Device\HarddiskVolume2\Windows\System32\user32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
1130.25c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\devobj.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devobj.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
1130.25c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll)
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\ole32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000044c pwszName=\Device\HarddiskVolume2\Windows\System32\mpr.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F84FE9BA047B24E7694C9E0C349B48B9FD5F925B
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\mpr.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\mpr.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\mpr.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a0 pwszName=\Device\HarddiskVolume2\Windows\System32\shell32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6F0FD5A01ADEE7CE965956E4165CC96F02202139
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000003093e1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\shell32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030bd81:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fef0f50000 LB 0x001c8000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fee8230000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fee9df0000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fee6ea0000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fee6e90000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefeae0000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [avoiding WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefcd50000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007feff290000 LB 0x000db000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefd670000 LB 0x001ff000 C:\Windows\system32\ole32.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devobj.dll [avoiding WinVerifyTrust]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefaee0000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fecf330000 LB 0x02317000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1130.25c: supR3HardenedDllNotificationCallback: load 0000000073760000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefdd50000 LB 0x00d8b000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mpr.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fef80b0000 LB 0x00018000 C:\Windows\system32\MPR.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mpr.dll
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fee8350000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1130.25c: supR3HardenedDllNotificationCallback: load 0000000071070000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1130.25c: supR3HardenedDllNotificationCallback: load 0000000074570000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fef72b0000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\devobj.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dciman32.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rescheduled]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee30000 'C:\Windows\system32\ADVAPI32.DLL'
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\devobj.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dciman32.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\devobj.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dciman32.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rescheduled]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptbase.dll (Input=cryptbase.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca90000 'C:\Windows\system32\cryptbase.dll'
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\devobj.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dciman32.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rescheduled]
1130.25c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'.
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rescheduled]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0f50000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000047c pwszName=\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000490 pwszName=\Device\HarddiskVolume2\Windows\System32\devobj.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devobj.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\devobj.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000045c pwszName=\Device\HarddiskVolume2\Windows\System32\dciman32.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=06E87E8BC22B9124778A2BDA6472CAFE3F12B2CA
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\Windows\system32\crypt32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\dciman32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\dciman32.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000454 pwszName=\Device\HarddiskVolume2\Windows\System32\setupapi.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000494 pwszName=\Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F3F3D4867E9140896E0742D7EE8AE1D01FE85ECE
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3078667~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
1130.25c: SUPR3HardenedMain: Calling TrustedMain (000007fef0f516c0)...
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030d631:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd670000 'C:\Windows\system32\ole32.dll'
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee30000 'C:\Windows\system32\ADVAPI32.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\profapi.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030bd11:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcbf0000 'C:\Windows\system32\profapi.dll'
1130.25c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll: Signature #1/2: info status: 24202
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030e001:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fee8100000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee8100000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030df31:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca90000 'C:\Windows\system32\CRYPTBASE.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000514 pwszName=\Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000672700
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
1130.25c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1130.25c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
1130.25c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll) WinVerifyTrust
1130.25c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1130.25c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030da01:<flags> [calling]
1130.25c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1130.25c: supR3HardenedDllNotificationCallback: load 000007fefb310000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb310000 'C:\Windows\system32\uxtheme.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030d441:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb310000 'C:\Windows\system32\uxtheme.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030d1b1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb310000 'C:\Windows\system32\uxtheme.dll'
1130.25c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
1130.25c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000030d1b1:<flags> [calling]
1130.25c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb310000 'C:\Windows\system32\uxtheme.dll'
137c.1090: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 2485 ms, the end);
ff8.1250: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 3146 ms, the end);
