Scribd
Upload
40 views176 pages

1 C 30

The document contains log information about system files and drivers including creation times, sizes, and version details. It logs details for ntdll.dll, kernel32.dll, and several Avast antivirus driver files.

Uploaded by

sachin shah
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
40 views176 pages

1 C 30

The document contains log information about system files and drivers including creation times, sizes, and version details. It logs details for ntdll.dll, kernel32.dll, and several Avast antivirus driver files.

Uploaded by

sachin shah
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 176

1c30.19c8: Log file opened: 6.0.

24r139119 g_hStartupLog=0000000000000018
g_uNtVerCombined=0x611db110

1c30.19c8: \SystemRoot\System32\ntdll.dll:

1c30.19c8: CreationTime: 2010-11-21T03:23:51.351694200Z

1c30.19c8: LastWriteTime: 2010-11-21T03:23:51.367294200Z

1c30.19c8: ChangeTime: 2021-09-10T02:08:08.966773600Z

1c30.19c8: FileAttributes: 0x20

1c30.19c8: Size: 0x1a6d60

1c30.19c8: NT Headers: 0xe0

1c30.19c8: Timestamp: 0x4ce7c8f9

1c30.19c8: Machine: 0x8664 - amd64

1c30.19c8: Timestamp: 0x4ce7c8f9

1c30.19c8: Image Version: 6.1

1c30.19c8: SizeOfImage: 0x1a9000 (1740800)

1c30.19c8: Resource Dir: 0x151000 LB 0x560d8

1c30.19c8: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]

1c30.19c8: [Raw version resource data: 0x1510f0 LB 0x380, codepage 0x0 (reserved 0x0)]

1c30.19c8: ProductName: Microsoft® Windows® Operating System

1c30.19c8: ProductVersion: 6.1.7601.17514

1c30.19c8: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)

1c30.19c8: FileDescription: NT Layer DLL

1c30.19c8: \SystemRoot\System32\kernel32.dll:

1c30.19c8: CreationTime: 2010-11-21T03:24:07.965723400Z

1c30.19c8: LastWriteTime: 2010-11-21T03:24:07.981323400Z

1c30.19c8: ChangeTime: 2021-09-10T02:07:46.955135000Z

1c30.19c8: FileAttributes: 0x20


1c30.19c8: Size: 0x11b800

1c30.19c8: NT Headers: 0xe8

1c30.19c8: Timestamp: 0x4ce7c78b

1c30.19c8: Machine: 0x8664 - amd64

1c30.19c8: Timestamp: 0x4ce7c78b

1c30.19c8: Image Version: 6.1

1c30.19c8: SizeOfImage: 0x11f000 (1175552)

1c30.19c8: Resource Dir: 0x116000 LB 0x528

1c30.19c8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]

1c30.19c8: [Raw version resource data: 0x1160b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]

1c30.19c8: ProductName: Microsoft® Windows® Operating System

1c30.19c8: ProductVersion: 6.1.7601.17514

1c30.19c8: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)

1c30.19c8: FileDescription: Windows NT BASE API Client DLL

1c30.19c8: \SystemRoot\System32\KernelBase.dll:

1c30.19c8: CreationTime: 2010-11-21T03:24:26.217755400Z

1c30.19c8: LastWriteTime: 2010-11-21T03:24:26.248955500Z

1c30.19c8: ChangeTime: 2021-09-10T02:07:46.986335000Z

1c30.19c8: FileAttributes: 0x20

1c30.19c8: Size: 0x66800

1c30.19c8: NT Headers: 0xf0

1c30.19c8: Timestamp: 0x4ce7c78c

1c30.19c8: Machine: 0x8664 - amd64

1c30.19c8: Timestamp: 0x4ce7c78c

1c30.19c8: Image Version: 6.1


1c30.19c8: SizeOfImage: 0x6b000 (438272)

1c30.19c8: Resource Dir: 0x69000 LB 0x530

1c30.19c8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]

1c30.19c8: [Raw version resource data: 0x690b0 LB 0x3ac, codepage 0x0 (reserved 0x0)]

1c30.19c8: ProductName: Microsoft® Windows® Operating System

1c30.19c8: ProductVersion: 6.1.7601.17514

1c30.19c8: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)

1c30.19c8: FileDescription: Windows NT BASE API Client DLL

1c30.19c8: \SystemRoot\System32\apisetschema.dll:

1c30.19c8: CreationTime: 2009-07-13T23:18:54.866423200Z

1c30.19c8: LastWriteTime: 2009-07-14T01:24:53.779000000Z

1c30.19c8: ChangeTime: 2021-09-10T02:07:29.108703600Z

1c30.19c8: FileAttributes: 0x20

1c30.19c8: Size: 0x1a00

1c30.19c8: NT Headers: 0xc0

1c30.19c8: Timestamp: 0x4a5bdeab

1c30.19c8: Machine: 0x8664 - amd64

1c30.19c8: Timestamp: 0x4a5bdeab

1c30.19c8: Image Version: 6.1

1c30.19c8: SizeOfImage: 0x50000 (327680)

1c30.19c8: Resource Dir: 0x30000 LB 0x3f0

1c30.19c8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1c30.19c8: [Raw version resource data: 0x30060 LB 0x390, codepage 0x0 (reserved 0x0)]

1c30.19c8: ProductName: Microsoft® Windows® Operating System

1c30.19c8: ProductVersion: 6.1.7600.16385


1c30.19c8: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)

1c30.19c8: FileDescription: ApiSet Schema DLL

1c30.19c8: NtOpenDirectoryObject failed on \Driver: 0xc0000022

1c30.19c8: supR3HardenedWinFindAdversaries: 0x4

1c30.19c8: \SystemRoot\System32\drivers\aswMonFlt.sys:

1c30.19c8: CreationTime: 2023-01-06T00:41:28.759751600Z

1c30.19c8: LastWriteTime: 2023-01-06T00:41:03.535564000Z

1c30.19c8: ChangeTime: 2023-01-06T00:41:28.759751600Z

1c30.19c8: FileAttributes: 0x20

1c30.19c8: Size: 0x2b6d0

1c30.19c8: NT Headers: 0xe8

1c30.19c8: Timestamp: 0x605341a0

1c30.19c8: Machine: 0x8664 - amd64

1c30.19c8: Timestamp: 0x605341a0

1c30.19c8: Image Version: 10.0

1c30.19c8: SizeOfImage: 0x34000 (212992)

1c30.19c8: Resource Dir: 0x32000 LB 0x3a0

1c30.19c8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1c30.19c8: [Raw version resource data: 0x32060 LB 0x340, codepage 0x0 (reserved 0x0)]

1c30.19c8: ProductName: Avast Antivirus

1c30.19c8: ProductVersion: 21.2.210.0

1c30.19c8: FileVersion: 21.2.210.0

1c30.19c8: FileDescription: Avast File System Filter

1c30.19c8: \SystemRoot\System32\drivers\aswRdr2.sys:

1c30.19c8: CreationTime: 2023-01-06T00:41:28.757751500Z


1c30.19c8: LastWriteTime: 2023-01-06T00:41:03.437558400Z

1c30.19c8: ChangeTime: 2023-01-06T00:41:28.758751500Z

1c30.19c8: FileAttributes: 0x20

1c30.19c8: Size: 0x1a520

1c30.19c8: NT Headers: 0xf0

1c30.19c8: Timestamp: 0x605341a1

1c30.19c8: Machine: 0x8664 - amd64

1c30.19c8: Timestamp: 0x605341a1

1c30.19c8: Image Version: 10.0

1c30.19c8: SizeOfImage: 0x1a000 (106496)

1c30.19c8: Resource Dir: 0x18000 LB 0x388

1c30.19c8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1c30.19c8: [Raw version resource data: 0x18060 LB 0x324, codepage 0x0 (reserved 0x0)]

1c30.19c8: ProductName: Avast Antivirus

1c30.19c8: ProductVersion: 21.2.210.0

1c30.19c8: FileVersion: 21.2.210.0

1c30.19c8: FileDescription: Avast Antivirus

1c30.19c8: \SystemRoot\System32\drivers\aswRvrt.sys:

1c30.19c8: CreationTime: 2023-01-06T00:41:28.760751600Z

1c30.19c8: LastWriteTime: 2023-01-06T00:41:03.650570600Z

1c30.19c8: ChangeTime: 2023-01-06T00:41:28.763751800Z

1c30.19c8: FileAttributes: 0x20

1c30.19c8: Size: 0x145a8

1c30.19c8: NT Headers: 0xe8

1c30.19c8: Timestamp: 0x605341a0


1c30.19c8: Machine: 0x8664 - amd64

1c30.19c8: Timestamp: 0x605341a0

1c30.19c8: Image Version: 10.0

1c30.19c8: SizeOfImage: 0x13000 (77824)

1c30.19c8: Resource Dir: 0x11000 LB 0x380

1c30.19c8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1c30.19c8: [Raw version resource data: 0x11060 LB 0x320, codepage 0x0 (reserved 0x0)]

1c30.19c8: ProductName: Avast Antivirus

1c30.19c8: ProductVersion: 21.2.210.0

1c30.19c8: FileVersion: 21.2.210.0

1c30.19c8: FileDescription: Avast Revert

1c30.19c8: \SystemRoot\System32\drivers\aswSnx.sys:

1c30.19c8: CreationTime: 2023-01-06T00:41:28.750751100Z

1c30.19c8: LastWriteTime: 2023-01-06T00:40:31.681742000Z

1c30.19c8: ChangeTime: 2023-01-06T00:41:28.751751100Z

1c30.19c8: FileAttributes: 0x20

1c30.19c8: Size: 0xcf8c8

1c30.19c8: NT Headers: 0xf0

1c30.19c8: Timestamp: 0x605341a4

1c30.19c8: Machine: 0x8664 - amd64

1c30.19c8: Timestamp: 0x605341a4

1c30.19c8: Image Version: 10.0

1c30.19c8: SizeOfImage: 0xcd000 (839680)

1c30.19c8: Resource Dir: 0xca000 LB 0x388

1c30.19c8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1c30.19c8: [Raw version resource data: 0xca060 LB 0x324, codepage 0x0 (reserved 0x0)]

1c30.19c8: ProductName: Avast Antivirus

1c30.19c8: ProductVersion: 21.2.210.0

1c30.19c8: FileVersion: 21.2.210.0

1c30.19c8: FileDescription: Avast Antivirus

1c30.19c8: \SystemRoot\System32\drivers\aswsp.sys:

1c30.19c8: CreationTime: 2023-01-06T00:41:28.763751800Z

1c30.19c8: LastWriteTime: 2023-01-06T00:41:03.800579100Z

1c30.19c8: ChangeTime: 2023-01-06T00:41:28.764751900Z

1c30.19c8: FileAttributes: 0x20

1c30.19c8: Size: 0x71f08

1c30.19c8: NT Headers: 0xe8

1c30.19c8: Timestamp: 0x605341af

1c30.19c8: Machine: 0x8664 - amd64

1c30.19c8: Timestamp: 0x605341af

1c30.19c8: Image Version: 10.0

1c30.19c8: SizeOfImage: 0x72000 (466944)

1c30.19c8: Resource Dir: 0x70000 LB 0x388

1c30.19c8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1c30.19c8: [Raw version resource data: 0x70060 LB 0x328, codepage 0x0 (reserved 0x0)]

1c30.19c8: ProductName: Avast Antivirus

1c30.19c8: ProductVersion: 21.2.210.0

1c30.19c8: FileVersion: 21.2.210.0

1c30.19c8: FileDescription: Avast Self Protection

1c30.19c8: \SystemRoot\System32\drivers\aswStm.sys:
1c30.19c8: CreationTime: 2023-01-06T00:41:28.768752100Z

1c30.19c8: LastWriteTime: 2023-01-06T00:41:12.209404700Z

1c30.19c8: ChangeTime: 2023-01-06T00:41:28.768752100Z

1c30.19c8: FileAttributes: 0x20

1c30.19c8: Size: 0x34d38

1c30.19c8: NT Headers: 0x100

1c30.19c8: Timestamp: 0x605341a3

1c30.19c8: Machine: 0x8664 - amd64

1c30.19c8: Timestamp: 0x605341a3

1c30.19c8: Image Version: 10.0

1c30.19c8: SizeOfImage: 0x34000 (212992)

1c30.19c8: Resource Dir: 0x32000 LB 0x390

1c30.19c8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1c30.19c8: [Raw version resource data: 0x32060 LB 0x32c, codepage 0x0 (reserved 0x0)]

1c30.19c8: ProductName: Avast Antivirus

1c30.19c8: ProductVersion: 21.2.210.0

1c30.19c8: FileVersion: 21.2.210.0

1c30.19c8: FileDescription: Avast Stream Filter

1c30.19c8: \SystemRoot\System32\drivers\aswVmm.sys:

1c30.19c8: CreationTime: 2023-01-06T00:41:28.769752200Z

1c30.19c8: LastWriteTime: 2023-01-06T00:41:16.190632500Z

1c30.19c8: ChangeTime: 2023-01-06T00:41:28.770752200Z

1c30.19c8: FileAttributes: 0x20

1c30.19c8: Size: 0x4fd40

1c30.19c8: NT Headers: 0xf0


1c30.19c8: Timestamp: 0x605341a1

1c30.19c8: Machine: 0x8664 - amd64

1c30.19c8: Timestamp: 0x605341a1

1c30.19c8: Image Version: 10.0

1c30.19c8: SizeOfImage: 0x4d000 (315392)

1c30.19c8: Resource Dir: 0x4b000 LB 0x388

1c30.19c8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1c30.19c8: [Raw version resource data: 0x4b060 LB 0x328, codepage 0x0 (reserved 0x0)]

1c30.19c8: ProductName: Avast Antivirus

1c30.19c8: ProductVersion: 21.2.210.0

1c30.19c8: FileVersion: 21.2.210.0

1c30.19c8: FileDescription: Avast VM Monitor

1c30.19c8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox'

1c30.19c8: Calling main()

1c30.19c8: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2

1c30.19c8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox'

1c30.19c8: SUPR3HardenedMain: Respawn #1

1c30.19c8: System32: \Device\HarddiskVolume2\Windows\System32

1c30.19c8: WinSxS: \Device\HarddiskVolume2\Windows\winsxs

1c30.19c8: KnownDllPath: C:\Windows\system32

1c30.19c8: supR3HardenedWinInit: Performing a limited self purification...

1c30.19c8: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION

1c30.19c8: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000

1c30.19c8: *0000000000010000-0000000000010fff 0x0010/0x0010 0x0040000 !!


1c30.19c8: 0000000000011000-000000000001ffff 0x0001/0x0000 0x0000000

1c30.19c8: *0000000000020000-000000000002ffff 0x0004/0x0004 0x0040000

1c30.19c8: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000

1c30.19c8: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000

1c30.19c8: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000

1c30.19c8: 0000000000041000-000000000004ffff 0x0001/0x0000 0x0000000

1c30.19c8: *0000000000050000-00000000000b6fff 0x0002/0x0002 0x0040000

1c30.19c8: 00000000000b7000-000000000014ffff 0x0001/0x0000 0x0000000

1c30.19c8: *0000000000150000-0000000000201fff 0x0000/0x0004 0x0020000

1c30.19c8: 0000000000202000-0000000000203fff 0x0104/0x0004 0x0020000

1c30.19c8: 0000000000204000-000000000024ffff 0x0004/0x0004 0x0020000

1c30.19c8: 0000000000250000-00000000002bffff 0x0001/0x0000 0x0000000

1c30.19c8: *00000000002c0000-00000000002c4fff 0x0004/0x0004 0x0020000

1c30.19c8: 00000000002c5000-00000000003bffff 0x0000/0x0004 0x0020000

1c30.19c8: 00000000003c0000-000000000050ffff 0x0001/0x0000 0x0000000

1c30.19c8: *0000000000510000-000000000055bfff 0x0004/0x0004 0x0020000

1c30.19c8: 000000000055c000-000000000058ffff 0x0000/0x0004 0x0020000

1c30.19c8: *0000000000590000-0000000000739fff 0x0004/0x0004 0x0020000

1c30.19c8: 000000000073a000-000000003700ffff 0x0001/0x0000 0x0000000

1c30.19c8: *0000000037010000-000000003701ffff 0x0020/0x0040 0x0020000 !!

1c30.19c8: 0000000037020000-0000000076d5ffff 0x0001/0x0000 0x0000000

1c30.19c8: *0000000076d60000-0000000076d60fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\kernel32.dll

1c30.19c8: 0000000076d61000-0000000076dfbfff 0x0020/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\kernel32.dll

1c30.19c8: 0000000076dfc000-0000000076e69fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\kernel32.dll
1c30.19c8: 0000000076e6a000-0000000076e6bfff 0x0004/0x0080 0x1000000 \Device\
HarddiskVolume2\Windows\System32\kernel32.dll

1c30.19c8: 0000000076e6c000-0000000076e7efff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\kernel32.dll

1c30.19c8: 0000000076e7f000-0000000076f7ffff 0x0001/0x0000 0x0000000

1c30.19c8: *0000000076f80000-0000000076f80fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 0000000076f81000-0000000077082fff 0x0020/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 0000000077083000-00000000770b1fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 00000000770b2000-00000000770b2fff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 00000000770b3000-00000000770b3fff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 00000000770b4000-00000000770b4fff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 00000000770b5000-00000000770b6fff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 00000000770b7000-00000000770b7fff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 00000000770b8000-00000000770b8fff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 00000000770b9000-00000000770bafff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 00000000770bb000-00000000770bdfff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 00000000770be000-0000000077128fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 0000000077129000-000000007efdffff 0x0001/0x0000 0x0000000

1c30.19c8: *000000007efe0000-000000007efe4fff 0x0002/0x0002 0x0040000


1c30.19c8: 000000007efe5000-000000007f0dffff 0x0000/0x0002 0x0040000

1c30.19c8: *000000007f0e0000-000000007ffdffff 0x0000/0x0002 0x0020000

1c30.19c8: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000

1c30.19c8: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000

1c30.19c8: 000000007fff0000-000000013f79ffff 0x0001/0x0000 0x0000000

1c30.19c8: *000000013f7a0000-000000013f7a0fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f7a1000-000000013f815fff 0x0020/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f816000-000000013f816fff 0x0080/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f817000-000000013f85efff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f85f000-000000013f861fff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f862000-000000013f864fff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f865000-000000013f867fff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f868000-000000013f868fff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f869000-000000013f86afff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f86b000-000000013f86bfff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f86c000-000000013f8b4fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f8b5000-000007fedd4affff 0x0001/0x0000 0x0000000

1c30.19c8: *000007fedd4b0000-000007fedd4b0fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll
1c30.19c8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 000007fedd4b0000 LB 0x1000
(base 000007fedd4b0000) - 'aswhook.dll'

1c30.19c8: 000007fedd4b1000-000007fedd4b7fff 0x0020/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll

1c30.19c8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 000007fedd4b1000 LB 0x7000


(base 000007fedd4b0000) - 'aswhook.dll'

1c30.19c8: 000007fedd4b8000-000007fedd4b9fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll

1c30.19c8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 000007fedd4b8000 LB 0x2000


(base 000007fedd4b0000) - 'aswhook.dll'

1c30.19c8: 000007fedd4ba000-000007fedd4bafff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll

1c30.19c8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 000007fedd4ba000 LB 0x1000


(base 000007fedd4b0000) - 'aswhook.dll'

1c30.19c8: 000007fedd4bb000-000007fedd4bbfff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll

1c30.19c8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 000007fedd4bb000 LB 0x1000


(base 000007fedd4b0000) - 'aswhook.dll'

1c30.19c8: 000007fedd4bc000-000007fedd4bffff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll

1c30.19c8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 000007fedd4bc000 LB 0x4000


(base 000007fedd4b0000) - 'aswhook.dll'

1c30.19c8: 000007fedd4c0000-000007fedd4c0fff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll

1c30.19c8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 000007fedd4c0000 LB 0x1000


(base 000007fedd4b0000) - 'aswhook.dll'

1c30.19c8: 000007fedd4c1000-000007fedd4c2fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll

1c30.19c8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 000007fedd4c1000 LB 0x2000


(base 000007fedd4b0000) - 'aswhook.dll'

1c30.19c8: 000007fedd4c3000-000007fefd22ffff 0x0001/0x0000 0x0000000


1c30.19c8: *000007fefd230000-000007fefd230fff 0x0002/0x0080 0x1000000 \Device\
HarddiskVolume2\Windows\System32\KernelBase.dll

1c30.19c8: 000007fefd231000-000007fefd279fff 0x0020/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\KernelBase.dll

1c30.19c8: 000007fefd27a000-000007fefd28ffff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\KernelBase.dll

1c30.19c8: 000007fefd290000-000007fefd291fff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\KernelBase.dll

1c30.19c8: 000007fefd292000-000007fefd29afff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\KernelBase.dll

1c30.19c8: 000007fefd29b000-000007feff29ffff 0x0001/0x0000 0x0000000

1c30.19c8: *000007feff2a0000-000007feff2a0fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\apisetschema.dll

1c30.19c8: 000007feff2a1000-000007fffffaffff 0x0001/0x0000 0x0000000

1c30.19c8: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000

1c30.19c8: 000007fffffd3000-000007fffffd8fff 0x0001/0x0000 0x0000000

1c30.19c8: *000007fffffd9000-000007fffffd9fff 0x0004/0x0004 0x0020000

1c30.19c8: 000007fffffda000-000007fffffddfff 0x0001/0x0000 0x0000000

1c30.19c8: *000007fffffde000-000007fffffdffff 0x0004/0x0004 0x0020000

1c30.19c8: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000

1c30.19c8: apisetschema.dll: timestamp 0x4a5bdeab (rc=VINF_SUCCESS)

1c30.19c8: kernelbase.dll: timestamp 0x4ce7c78c (rc=VINF_SUCCESS)

1c30.19c8: VirtualBoxVM.exe: timestamp 0x5f07640c (rc=VINF_SUCCESS)

1c30.19c8: kernel32.dll: timestamp 0x4ce7c78b (rc=VINF_SUCCESS)

1c30.19c8: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no


imports

1c30.19c8: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports

1c30.19c8: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports


1c30.19c8: ntdll.dll: Differences in section #1 (.text) between file and memory:

1c30.19c8: 0000000076fa5b30 / 0x0025b30: 4c != e9

1c30.19c8: 0000000076fa5b31 / 0x0025b31: 89 != a3

1c30.19c8: 0000000076fa5b32 / 0x0025b32: 4c != a6

1c30.19c8: 0000000076fa5b33 / 0x0025b33: 24 != 06

1c30.19c8: 0000000076fa5b34 / 0x0025b34: 20 != c0

1c30.19c8: 0000000076fa5b35 / 0x0025b35: 48 != cc

1c30.19c8: 0000000076fa5b36 / 0x0025b36: 89 != cc

1c30.19c8: 0000000076fa5b37 / 0x0025b37: 54 != cc

1c30.19c8: 0000000076fa5b38 / 0x0025b38: 24 != cc

1c30.19c8: 0000000076fa5b39 / 0x0025b39: 10 != cc

1c30.19c8: Restored 0x2000 bytes of original file content at 0000000076fa5000

1c30.19c8: ntdll.dll: Differences in section #1 (.text) between file and memory:

1c30.19c8: 0000000076fa7a90 / 0x0027a90: 48 != e9

1c30.19c8: 0000000076fa7a91 / 0x0027a91: 89 != a3

1c30.19c8: 0000000076fa7a92 / 0x0027a92: 5c != 87

1c30.19c8: 0000000076fa7a93 / 0x0027a93: 24 != 06

1c30.19c8: 0000000076fa7a94 / 0x0027a94: 10 != c0

1c30.19c8: 0000000076fa7a95 / 0x0027a95: 48 != cc

1c30.19c8: 0000000076fa7a96 / 0x0027a96: 89 != cc

1c30.19c8: 0000000076fa7a97 / 0x0027a97: 6c != cc

1c30.19c8: 0000000076fa7a98 / 0x0027a98: 24 != cc

1c30.19c8: 0000000076fa7a99 / 0x0027a99: 18 != cc

1c30.19c8: Restored 0x2000 bytes of original file content at 0000000076fa7000

1c30.19c8: ntdll.dll: Differences in section #1 (.text) between file and memory:


1c30.19c8: 00000000770275b0 / 0x00a75b0: 48 != e9

1c30.19c8: 00000000770275b1 / 0x00a75b1: 89 != c3

1c30.19c8: 00000000770275b2 / 0x00a75b2: 5c != 8b

1c30.19c8: 00000000770275b3 / 0x00a75b3: 24 != fe

1c30.19c8: 00000000770275b4 / 0x00a75b4: 08 != bf

1c30.19c8: 00000000770275b5 / 0x00a75b5: 48 != cc

1c30.19c8: 00000000770275b6 / 0x00a75b6: 89 != cc

1c30.19c8: 00000000770275b7 / 0x00a75b7: 74 != cc

1c30.19c8: 00000000770275b8 / 0x00a75b8: 24 != cc

1c30.19c8: 00000000770275b9 / 0x00a75b9: 10 != cc

1c30.19c8: Restored 0x2000 bytes of original file content at 000000007702710e

1c30.19c8: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED ->


VINF_SUCCESS, cFixes=3

1c30.19c8: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no


imports

1c30.19c8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\VirtualBoxVM.exe)

1c30.19c8: supR3HardNtEnableThreadCreationEx:

1c30.19c8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076fac320


pvNtTerminateThread=0000000076fd1840

1c30.19c8: supR3HardenedWinDoReSpawn(1): New child 1e08.1dfc [kernel32].

1c30.19c8: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd7000 cbPeb=0x380

1c30.19c8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000076f80000


uNtDllChildAddr=0000000076f80000

1c30.19c8: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000076fac320

1c30.19c8: supR3HardenedWinSetupChildInit: Start child.

1c30.19c8: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1


ms.
1c30.19c8: supR3HardNtChildPurify: Startup delay kludge #1/0: 516 ms, 63 sleeps

1c30.19c8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION

1c30.19c8: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000

1c30.19c8: *0000000000010000-000000000002ffff 0x0004/0x0004 0x0020000

1c30.19c8: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000

1c30.19c8: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000

1c30.19c8: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000

1c30.19c8: 0000000000041000-000000000011ffff 0x0001/0x0000 0x0000000

1c30.19c8: *0000000000120000-000000000021bfff 0x0000/0x0004 0x0020000

1c30.19c8: 000000000021c000-000000000021dfff 0x0104/0x0004 0x0020000

1c30.19c8: 000000000021e000-000000000021ffff 0x0004/0x0004 0x0020000

1c30.19c8: 0000000000220000-0000000076f7ffff 0x0001/0x0000 0x0000000

1c30.19c8: *0000000076f80000-0000000076f80fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 0000000076f81000-0000000077082fff 0x0020/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 0000000077083000-00000000770b1fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 00000000770b2000-00000000770bdfff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 00000000770be000-0000000077128fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1c30.19c8: 0000000077129000-000000007efdffff 0x0001/0x0000 0x0000000

1c30.19c8: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000

1c30.19c8: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000

1c30.19c8: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000

1c30.19c8: 000000007fff0000-000000013f79ffff 0x0001/0x0000 0x0000000


1c30.19c8: *000000013f7a0000-000000013f7a0fff 0x0002/0x0080 0x1000000 \Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f7a1000-000000013f815fff 0x0020/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f816000-000000013f816fff 0x0080/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f817000-000000013f85efff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f85f000-000000013f85ffff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f860000-000000013f860fff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f861000-000000013f865fff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f866000-000000013f866fff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f867000-000000013f867fff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f868000-000000013f86bfff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f86c000-000000013f8b4fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1c30.19c8: 000000013f8b5000-000007feff29ffff 0x0001/0x0000 0x0000000

1c30.19c8: *000007feff2a0000-000007feff2a0fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\apisetschema.dll

1c30.19c8: 000007feff2a1000-000007fffffaffff 0x0001/0x0000 0x0000000

1c30.19c8: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000

1c30.19c8: 000007fffffd3000-000007fffffd6fff 0x0001/0x0000 0x0000000

1c30.19c8: *000007fffffd7000-000007fffffd7fff 0x0004/0x0004 0x0020000

1c30.19c8: 000007fffffd8000-000007fffffddfff 0x0001/0x0000 0x0000000


1c30.19c8: *000007fffffde000-000007fffffdffff 0x0004/0x0004 0x0020000

1c30.19c8: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000

1c30.19c8: supR3HardNtChildPurify: Done after 532 ms and 0 fixes (loop #0).

1e08.1dfc: Log file opened: 6.0.24r139119 g_hStartupLog=0000000000000004


g_uNtVerCombined=0x611db100

1e08.1dfc: supR3HardenedVmProcessInit: uNtDllAddr=0000000076f80000


g_uNtVerCombined=0x611db100

1c30.19c8: supR3HardNtEnableThreadCreationEx:

1e08.1dfc: ntdll.dll: timestamp 0x4ce7c8f9 (rc=VINF_SUCCESS)

1e08.1dfc: New simple heap: #1 0000000000320000 LB 0x400000 (for 1740800 allocation)

1e08.1dfc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox'

1e08.1dfc: System32: \Device\HarddiskVolume2\Windows\System32

1e08.1dfc: WinSxS: \Device\HarddiskVolume2\Windows\winsxs

1e08.1dfc: KnownDllPath: C:\Windows\system32

1e08.1dfc: supR3HardenedVmProcessInit: Opening vboxdrv stub...

1e08.1dfc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...

1e08.1dfc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...

1e08.1dfc: Registered Dll notification callback with NTDLL.

1e08.1dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\kernel32.dll)

1e08.1dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


kernel32.dll

1e08.1dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll


(Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff
pwszSearchPath=0000000000000000:<flags> [calling]

1e08.1dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1e08.1dfc: supR3HardenedDllNotificationCallback: load 0000000076d60000 LB 0x0011f000 C:\
Windows\system32\kernel32.dll [fFlags=0x0]

1e08.1dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]

1e08.1dfc: supR3HardenedDllNotificationCallback: load 000007fefd230000 LB 0x0006b000 C:\


Windows\system32\KERNELBASE.dll [fFlags=0x0]

1e08.1dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\KernelBase.dll)

1e08.1dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


KernelBase.dll

1e08.1dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'C:\


Windows\system32\kernel32.dll'

1e08.1dfc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076fac320


pvNtTerminateThread=0000000076fd1840

1e08.1dfc: \SystemRoot\System32\ntdll.dll:

1e08.1dfc: CreationTime: 2010-11-21T03:23:51.351694200Z

1e08.1dfc: LastWriteTime: 2010-11-21T03:23:51.367294200Z

1e08.1dfc: ChangeTime: 2021-09-10T02:08:08.966773600Z

1e08.1dfc: FileAttributes: 0x20

1e08.1dfc: Size: 0x1a6d60

1e08.1dfc: NT Headers: 0xe0

1e08.1dfc: Timestamp: 0x4ce7c8f9

1e08.1dfc: Machine: 0x8664 - amd64

1e08.1dfc: Timestamp: 0x4ce7c8f9

1e08.1dfc: Image Version: 6.1

1e08.1dfc: SizeOfImage: 0x1a9000 (1740800)

1e08.1dfc: Resource Dir: 0x151000 LB 0x560d8

1e08.1dfc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1e08.1dfc: [Raw version resource data: 0x1510f0 LB 0x380, codepage 0x0 (reserved 0x0)]

1e08.1dfc: ProductName: Microsoft® Windows® Operating System

1e08.1dfc: ProductVersion: 6.1.7601.17514

1e08.1dfc: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)

1e08.1dfc: FileDescription: NT Layer DLL

1e08.1dfc: \SystemRoot\System32\kernel32.dll:

1e08.1dfc: CreationTime: 2010-11-21T03:24:07.965723400Z

1e08.1dfc: LastWriteTime: 2010-11-21T03:24:07.981323400Z

1e08.1dfc: ChangeTime: 2021-09-10T02:07:46.955135000Z

1e08.1dfc: FileAttributes: 0x20

1e08.1dfc: Size: 0x11b800

1e08.1dfc: NT Headers: 0xe8

1e08.1dfc: Timestamp: 0x4ce7c78b

1e08.1dfc: Machine: 0x8664 - amd64

1e08.1dfc: Timestamp: 0x4ce7c78b

1e08.1dfc: Image Version: 6.1

1e08.1dfc: SizeOfImage: 0x11f000 (1175552)

1e08.1dfc: Resource Dir: 0x116000 LB 0x528

1e08.1dfc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]

1e08.1dfc: [Raw version resource data: 0x1160b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]

1e08.1dfc: ProductName: Microsoft® Windows® Operating System

1e08.1dfc: ProductVersion: 6.1.7601.17514

1e08.1dfc: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)

1e08.1dfc: FileDescription: Windows NT BASE API Client DLL

1e08.1dfc: \SystemRoot\System32\KernelBase.dll:
1e08.1dfc: CreationTime: 2010-11-21T03:24:26.217755400Z

1e08.1dfc: LastWriteTime: 2010-11-21T03:24:26.248955500Z

1e08.1dfc: ChangeTime: 2021-09-10T02:07:46.986335000Z

1e08.1dfc: FileAttributes: 0x20

1c30.19c8: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 44 ms.

1e08.1dfc: Size: 0x66800

1e08.1dfc: NT Headers: 0xf0

1e08.1dfc: Timestamp: 0x4ce7c78c

1e08.1dfc: Machine: 0x8664 - amd64

1e08.1dfc: Timestamp: 0x4ce7c78c

1e08.1dfc: Image Version: 6.1

1e08.1dfc: SizeOfImage: 0x6b000 (438272)

1e08.1dfc: Resource Dir: 0x69000 LB 0x530

1e08.1dfc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]

1e08.1dfc: [Raw version resource data: 0x690b0 LB 0x3ac, codepage 0x0 (reserved 0x0)]

1e08.1dfc: ProductName: Microsoft® Windows® Operating System

1e08.1dfc: ProductVersion: 6.1.7601.17514

1e08.1dfc: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)

1e08.1dfc: FileDescription: Windows NT BASE API Client DLL

1e08.1dfc: \SystemRoot\System32\apisetschema.dll:

1e08.1dfc: CreationTime: 2009-07-13T23:18:54.866423200Z

1e08.1dfc: LastWriteTime: 2009-07-14T01:24:53.779000000Z

1e08.1dfc: ChangeTime: 2021-09-10T02:07:29.108703600Z

1e08.1dfc: FileAttributes: 0x20

1e08.1dfc: Size: 0x1a00


1e08.1dfc: NT Headers: 0xc0

1e08.1dfc: Timestamp: 0x4a5bdeab

1e08.1dfc: Machine: 0x8664 - amd64

1e08.1dfc: Timestamp: 0x4a5bdeab

1e08.1dfc: Image Version: 6.1

1e08.1dfc: SizeOfImage: 0x50000 (327680)

1e08.1dfc: Resource Dir: 0x30000 LB 0x3f0

1e08.1dfc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1e08.1dfc: [Raw version resource data: 0x30060 LB 0x390, codepage 0x0 (reserved 0x0)]

1e08.1dfc: ProductName: Microsoft® Windows® Operating System

1e08.1dfc: ProductVersion: 6.1.7600.16385

1e08.1dfc: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)

1e08.1dfc: FileDescription: ApiSet Schema DLL

1e08.1dfc: NtOpenDirectoryObject failed on \Driver: 0xc0000022

1e08.1dfc: supR3HardenedWinFindAdversaries: 0x4

1e08.1dfc: \SystemRoot\System32\drivers\aswMonFlt.sys:

1e08.1dfc: CreationTime: 2023-01-06T00:41:28.759751600Z

1e08.1dfc: LastWriteTime: 2023-01-06T00:41:03.535564000Z

1e08.1dfc: ChangeTime: 2023-01-06T00:41:28.759751600Z

1e08.1dfc: FileAttributes: 0x20

1e08.1dfc: Size: 0x2b6d0

1e08.1dfc: NT Headers: 0xe8

1e08.1dfc: Timestamp: 0x605341a0

1e08.1dfc: Machine: 0x8664 - amd64

1e08.1dfc: Timestamp: 0x605341a0


1e08.1dfc: Image Version: 10.0

1e08.1dfc: SizeOfImage: 0x34000 (212992)

1e08.1dfc: Resource Dir: 0x32000 LB 0x3a0

1e08.1dfc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1e08.1dfc: [Raw version resource data: 0x32060 LB 0x340, codepage 0x0 (reserved 0x0)]

1e08.1dfc: ProductName: Avast Antivirus

1e08.1dfc: ProductVersion: 21.2.210.0

1e08.1dfc: FileVersion: 21.2.210.0

1e08.1dfc: FileDescription: Avast File System Filter

1e08.1dfc: \SystemRoot\System32\drivers\aswRdr2.sys:

1e08.1dfc: CreationTime: 2023-01-06T00:41:28.757751500Z

1e08.1dfc: LastWriteTime: 2023-01-06T00:41:03.437558400Z

1e08.1dfc: ChangeTime: 2023-01-06T00:41:28.758751500Z

1e08.1dfc: FileAttributes: 0x20

1e08.1dfc: Size: 0x1a520

1e08.1dfc: NT Headers: 0xf0

1e08.1dfc: Timestamp: 0x605341a1

1e08.1dfc: Machine: 0x8664 - amd64

1e08.1dfc: Timestamp: 0x605341a1

1e08.1dfc: Image Version: 10.0

1e08.1dfc: SizeOfImage: 0x1a000 (106496)

1e08.1dfc: Resource Dir: 0x18000 LB 0x388

1e08.1dfc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1e08.1dfc: [Raw version resource data: 0x18060 LB 0x324, codepage 0x0 (reserved 0x0)]

1e08.1dfc: ProductName: Avast Antivirus


1e08.1dfc: ProductVersion: 21.2.210.0

1e08.1dfc: FileVersion: 21.2.210.0

1e08.1dfc: FileDescription: Avast Antivirus

1e08.1dfc: \SystemRoot\System32\drivers\aswRvrt.sys:

1e08.1dfc: CreationTime: 2023-01-06T00:41:28.760751600Z

1e08.1dfc: LastWriteTime: 2023-01-06T00:41:03.650570600Z

1e08.1dfc: ChangeTime: 2023-01-06T00:41:28.763751800Z

1e08.1dfc: FileAttributes: 0x20

1e08.1dfc: Size: 0x145a8

1e08.1dfc: NT Headers: 0xe8

1e08.1dfc: Timestamp: 0x605341a0

1e08.1dfc: Machine: 0x8664 - amd64

1e08.1dfc: Timestamp: 0x605341a0

1e08.1dfc: Image Version: 10.0

1e08.1dfc: SizeOfImage: 0x13000 (77824)

1e08.1dfc: Resource Dir: 0x11000 LB 0x380

1e08.1dfc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1e08.1dfc: [Raw version resource data: 0x11060 LB 0x320, codepage 0x0 (reserved 0x0)]

1e08.1dfc: ProductName: Avast Antivirus

1e08.1dfc: ProductVersion: 21.2.210.0

1e08.1dfc: FileVersion: 21.2.210.0

1e08.1dfc: FileDescription: Avast Revert

1e08.1dfc: \SystemRoot\System32\drivers\aswSnx.sys:

1e08.1dfc: CreationTime: 2023-01-06T00:41:28.750751100Z

1e08.1dfc: LastWriteTime: 2023-01-06T00:40:31.681742000Z


1e08.1dfc: ChangeTime: 2023-01-06T00:41:28.751751100Z

1e08.1dfc: FileAttributes: 0x20

1e08.1dfc: Size: 0xcf8c8

1e08.1dfc: NT Headers: 0xf0

1e08.1dfc: Timestamp: 0x605341a4

1e08.1dfc: Machine: 0x8664 - amd64

1e08.1dfc: Timestamp: 0x605341a4

1e08.1dfc: Image Version: 10.0

1e08.1dfc: SizeOfImage: 0xcd000 (839680)

1e08.1dfc: Resource Dir: 0xca000 LB 0x388

1e08.1dfc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1e08.1dfc: [Raw version resource data: 0xca060 LB 0x324, codepage 0x0 (reserved 0x0)]

1e08.1dfc: ProductName: Avast Antivirus

1e08.1dfc: ProductVersion: 21.2.210.0

1e08.1dfc: FileVersion: 21.2.210.0

1e08.1dfc: FileDescription: Avast Antivirus

1e08.1dfc: \SystemRoot\System32\drivers\aswsp.sys:

1e08.1dfc: CreationTime: 2023-01-06T00:41:28.763751800Z

1e08.1dfc: LastWriteTime: 2023-01-06T00:41:03.800579100Z

1e08.1dfc: ChangeTime: 2023-01-06T00:41:28.764751900Z

1e08.1dfc: FileAttributes: 0x20

1e08.1dfc: Size: 0x71f08

1e08.1dfc: NT Headers: 0xe8

1e08.1dfc: Timestamp: 0x605341af

1e08.1dfc: Machine: 0x8664 - amd64


1e08.1dfc: Timestamp: 0x605341af

1e08.1dfc: Image Version: 10.0

1e08.1dfc: SizeOfImage: 0x72000 (466944)

1e08.1dfc: Resource Dir: 0x70000 LB 0x388

1e08.1dfc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1e08.1dfc: [Raw version resource data: 0x70060 LB 0x328, codepage 0x0 (reserved 0x0)]

1e08.1dfc: ProductName: Avast Antivirus

1e08.1dfc: ProductVersion: 21.2.210.0

1e08.1dfc: FileVersion: 21.2.210.0

1e08.1dfc: FileDescription: Avast Self Protection

1e08.1dfc: \SystemRoot\System32\drivers\aswStm.sys:

1e08.1dfc: CreationTime: 2023-01-06T00:41:28.768752100Z

1e08.1dfc: LastWriteTime: 2023-01-06T00:41:12.209404700Z

1e08.1dfc: ChangeTime: 2023-01-06T00:41:28.768752100Z

1e08.1dfc: FileAttributes: 0x20

1e08.1dfc: Size: 0x34d38

1e08.1dfc: NT Headers: 0x100

1e08.1dfc: Timestamp: 0x605341a3

1e08.1dfc: Machine: 0x8664 - amd64

1e08.1dfc: Timestamp: 0x605341a3

1e08.1dfc: Image Version: 10.0

1e08.1dfc: SizeOfImage: 0x34000 (212992)

1e08.1dfc: Resource Dir: 0x32000 LB 0x390

1e08.1dfc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1e08.1dfc: [Raw version resource data: 0x32060 LB 0x32c, codepage 0x0 (reserved 0x0)]
1e08.1dfc: ProductName: Avast Antivirus

1e08.1dfc: ProductVersion: 21.2.210.0

1e08.1dfc: FileVersion: 21.2.210.0

1e08.1dfc: FileDescription: Avast Stream Filter

1e08.1dfc: \SystemRoot\System32\drivers\aswVmm.sys:

1e08.1dfc: CreationTime: 2023-01-06T00:41:28.769752200Z

1e08.1dfc: LastWriteTime: 2023-01-06T00:41:16.190632500Z

1e08.1dfc: ChangeTime: 2023-01-06T00:41:28.770752200Z

1e08.1dfc: FileAttributes: 0x20

1e08.1dfc: Size: 0x4fd40

1e08.1dfc: NT Headers: 0xf0

1e08.1dfc: Timestamp: 0x605341a1

1e08.1dfc: Machine: 0x8664 - amd64

1e08.1dfc: Timestamp: 0x605341a1

1e08.1dfc: Image Version: 10.0

1e08.1dfc: SizeOfImage: 0x4d000 (315392)

1e08.1dfc: Resource Dir: 0x4b000 LB 0x388

1e08.1dfc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1e08.1dfc: [Raw version resource data: 0x4b060 LB 0x328, codepage 0x0 (reserved 0x0)]

1e08.1dfc: ProductName: Avast Antivirus

1e08.1dfc: ProductVersion: 21.2.210.0

1e08.1dfc: FileVersion: 21.2.210.0

1e08.1dfc: FileDescription: Avast VM Monitor

1e08.1dfc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox'

1e08.1dfc: Calling main()


1e08.1dfc: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2

1e08.1dfc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox'

1e08.1dfc: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no


imports

1e08.1dfc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\VirtualBoxVM.exe)

1e08.1dfc: SUPR3HardenedMain: Respawn #2

1e08.1dfc: supR3HardNtEnableThreadCreationEx:

1e08.1dfc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\apphelp.dll)

1e08.1dfc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


apphelp.dll

1e08.1dfc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll


(rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]

1e08.1dfc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]

1e08.1dfc: supR3HardenedDllNotificationCallback: load 000007fefcaa0000 LB 0x00057000 C:\


Windows\system32\apphelp.dll [fFlags=0x0]

1e08.1dfc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]

1e08.1dfc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcaa0000 'C:\


Windows\system32\apphelp.dll'

1e08.1dfc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076fac320


pvNtTerminateThread=0000000076fd1840

1e08.1dfc: supR3HardenedWinDoReSpawn(2): New child 1df8.1e10 [kernel32].

1e08.1dfc: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd6000 cbPeb=0x380

1e08.1dfc: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000076f80000


uNtDllChildAddr=0000000076f80000

1e08.1dfc: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000076fac320


1e08.1dfc: supR3HardenedWinSetupChildInit: Start child.

1e08.1dfc: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0


ms.

1e08.1dfc: supR3HardNtChildPurify: Startup delay kludge #1/0: 514 ms, 63 sleeps

1e08.1dfc: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION

1e08.1dfc: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000

1e08.1dfc: *0000000000010000-000000000002ffff 0x0004/0x0004 0x0020000

1e08.1dfc: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000

1e08.1dfc: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000

1e08.1dfc: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000

1e08.1dfc: 0000000000041000-000000000005ffff 0x0001/0x0000 0x0000000

1e08.1dfc: *0000000000060000-000000000015bfff 0x0000/0x0004 0x0020000

1e08.1dfc: 000000000015c000-000000000015dfff 0x0104/0x0004 0x0020000

1e08.1dfc: 000000000015e000-000000000015ffff 0x0004/0x0004 0x0020000

1e08.1dfc: 0000000000160000-0000000076f7ffff 0x0001/0x0000 0x0000000

1e08.1dfc: *0000000076f80000-0000000076f80fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1e08.1dfc: 0000000076f81000-0000000077082fff 0x0020/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1e08.1dfc: 0000000077083000-00000000770b1fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1e08.1dfc: 00000000770b2000-00000000770bdfff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1e08.1dfc: 00000000770be000-0000000077128fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\ntdll.dll

1e08.1dfc: 0000000077129000-000000007efdffff 0x0001/0x0000 0x0000000

1e08.1dfc: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000

1e08.1dfc: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000


1e08.1dfc: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000

1e08.1dfc: 000000007fff0000-000000013f79ffff 0x0001/0x0000 0x0000000

1e08.1dfc: *000000013f7a0000-000000013f7a0fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1e08.1dfc: 000000013f7a1000-000000013f815fff 0x0020/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1e08.1dfc: 000000013f816000-000000013f816fff 0x0080/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1e08.1dfc: 000000013f817000-000000013f85efff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1e08.1dfc: 000000013f85f000-000000013f85ffff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1e08.1dfc: 000000013f860000-000000013f860fff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1e08.1dfc: 000000013f861000-000000013f865fff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1e08.1dfc: 000000013f866000-000000013f866fff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1e08.1dfc: 000000013f867000-000000013f867fff 0x0004/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1e08.1dfc: 000000013f868000-000000013f86bfff 0x0008/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1e08.1dfc: 000000013f86c000-000000013f8b4fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe

1e08.1dfc: 000000013f8b5000-000007feff29ffff 0x0001/0x0000 0x0000000

1e08.1dfc: *000007feff2a0000-000007feff2a0fff 0x0002/0x0080 0x1000000 \Device\


HarddiskVolume2\Windows\System32\apisetschema.dll

1e08.1dfc: 000007feff2a1000-000007fffffaffff 0x0001/0x0000 0x0000000

1e08.1dfc: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000

1e08.1dfc: 000007fffffd3000-000007fffffd5fff 0x0001/0x0000 0x0000000


1e08.1dfc: *000007fffffd6000-000007fffffd6fff 0x0004/0x0004 0x0020000

1e08.1dfc: 000007fffffd7000-000007fffffddfff 0x0001/0x0000 0x0000000

1e08.1dfc: *000007fffffde000-000007fffffdffff 0x0004/0x0004 0x0020000

1e08.1dfc: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000

1e08.1dfc: apisetschema.dll: timestamp 0x4a5bdeab (rc=VINF_SUCCESS)

1e08.1dfc: VirtualBoxVM.exe: timestamp 0x5f07640c (rc=VINF_SUCCESS)

1e08.1dfc: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no


imports

1e08.1dfc: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports

1e08.1dfc: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports

1e08.1dfc: supR3HardNtChildPurify: Done after 561 ms and 0 fixes (loop #0).

1df8.1e10: Log file opened: 6.0.24r139119 g_hStartupLog=0000000000000004


g_uNtVerCombined=0x611db100

1df8.1e10: supR3HardenedVmProcessInit: uNtDllAddr=0000000076f80000


g_uNtVerCombined=0x611db100

1df8.1e10: ntdll.dll: timestamp 0x4ce7c8f9 (rc=VINF_SUCCESS)

1df8.1e10: New simple heap: #1 0000000000260000 LB 0x400000 (for 1740800 allocation)

1e08.1dfc: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000320000 LB 0x400000)

1e08.1dfc: supR3HardNtEnableThreadCreationEx:

1df8.1e10: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox'

1df8.1e10: System32: \Device\HarddiskVolume2\Windows\System32

1df8.1e10: WinSxS: \Device\HarddiskVolume2\Windows\winsxs

1df8.1e10: KnownDllPath: C:\Windows\system32

1df8.1e10: supR3HardenedVmProcessInit: Opening vboxdrv...

1df8.1e10: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...

1df8.1e10: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...


1df8.1e10: Registered Dll notification callback with NTDLL.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\kernel32.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


kernel32.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll


(Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff
pwszSearchPath=0000000000000000:<flags> [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 0000000076d60000 LB 0x0011f000 C:\


Windows\system32\kernel32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd230000 LB 0x0006b000 C:\


Windows\system32\KERNELBASE.dll [fFlags=0x0]

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\KernelBase.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


KernelBase.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'C:\


Windows\system32\kernel32.dll'

1df8.1e10: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076fac320


pvNtTerminateThread=0000000076fd1840

1df8.1e10: \SystemRoot\System32\ntdll.dll:

1df8.1e10: CreationTime: 2010-11-21T03:23:51.351694200Z

1df8.1e10: LastWriteTime: 2010-11-21T03:23:51.367294200Z

1df8.1e10: ChangeTime: 2021-09-10T02:08:08.966773600Z

1df8.1e10: FileAttributes: 0x20

1df8.1e10: Size: 0x1a6d60


1df8.1e10: NT Headers: 0xe0

1df8.1e10: Timestamp: 0x4ce7c8f9

1df8.1e10: Machine: 0x8664 - amd64

1df8.1e10: Timestamp: 0x4ce7c8f9

1df8.1e10: Image Version: 6.1

1df8.1e10: SizeOfImage: 0x1a9000 (1740800)

1df8.1e10: Resource Dir: 0x151000 LB 0x560d8

1df8.1e10: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]

1df8.1e10: [Raw version resource data: 0x1510f0 LB 0x380, codepage 0x0 (reserved 0x0)]

1df8.1e10: ProductName: Microsoft® Windows® Operating System

1df8.1e10: ProductVersion: 6.1.7601.17514

1df8.1e10: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)

1df8.1e10: FileDescription: NT Layer DLL

1df8.1e10: \SystemRoot\System32\kernel32.dll:

1df8.1e10: CreationTime: 2010-11-21T03:24:07.965723400Z

1df8.1e10: LastWriteTime: 2010-11-21T03:24:07.981323400Z

1df8.1e10: ChangeTime: 2021-09-10T02:07:46.955135000Z

1df8.1e10: FileAttributes: 0x20

1df8.1e10: Size: 0x11b800

1df8.1e10: NT Headers: 0xe8

1df8.1e10: Timestamp: 0x4ce7c78b

1df8.1e10: Machine: 0x8664 - amd64

1df8.1e10: Timestamp: 0x4ce7c78b

1df8.1e10: Image Version: 6.1

1df8.1e10: SizeOfImage: 0x11f000 (1175552)


1df8.1e10: Resource Dir: 0x116000 LB 0x528

1df8.1e10: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]

1df8.1e10: [Raw version resource data: 0x1160b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]

1df8.1e10: ProductName: Microsoft® Windows® Operating System

1df8.1e10: ProductVersion: 6.1.7601.17514

1df8.1e10: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)

1df8.1e10: FileDescription: Windows NT BASE API Client DLL

1df8.1e10: \SystemRoot\System32\KernelBase.dll:

1df8.1e10: CreationTime: 2010-11-21T03:24:26.217755400Z

1df8.1e10: LastWriteTime: 2010-11-21T03:24:26.248955500Z

1df8.1e10: ChangeTime: 2021-09-10T02:07:46.986335000Z

1df8.1e10: FileAttributes: 0x20

1df8.1e10: Size: 0x66800

1df8.1e10: NT Headers: 0xf0

1df8.1e10: Timestamp: 0x4ce7c78c

1df8.1e10: Machine: 0x8664 - amd64

1df8.1e10: Timestamp: 0x4ce7c78c

1df8.1e10: Image Version: 6.1

1df8.1e10: SizeOfImage: 0x6b000 (438272)

1df8.1e10: Resource Dir: 0x69000 LB 0x530

1df8.1e10: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]

1df8.1e10: [Raw version resource data: 0x690b0 LB 0x3ac, codepage 0x0 (reserved 0x0)]

1df8.1e10: ProductName: Microsoft® Windows® Operating System

1df8.1e10: ProductVersion: 6.1.7601.17514

1df8.1e10: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)


1df8.1e10: FileDescription: Windows NT BASE API Client DLL

1df8.1e10: \SystemRoot\System32\apisetschema.dll:

1df8.1e10: CreationTime: 2009-07-13T23:18:54.866423200Z

1df8.1e10: LastWriteTime: 2009-07-14T01:24:53.779000000Z

1df8.1e10: ChangeTime: 2021-09-10T02:07:29.108703600Z

1df8.1e10: FileAttributes: 0x20

1df8.1e10: Size: 0x1a00

1df8.1e10: NT Headers: 0xc0

1df8.1e10: Timestamp: 0x4a5bdeab

1df8.1e10: Machine: 0x8664 - amd64

1df8.1e10: Timestamp: 0x4a5bdeab

1df8.1e10: Image Version: 6.1

1df8.1e10: SizeOfImage: 0x50000 (327680)

1df8.1e10: Resource Dir: 0x30000 LB 0x3f0

1df8.1e10: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1df8.1e10: [Raw version resource data: 0x30060 LB 0x390, codepage 0x0 (reserved 0x0)]

1df8.1e10: ProductName: Microsoft® Windows® Operating System

1df8.1e10: ProductVersion: 6.1.7600.16385

1df8.1e10: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)

1df8.1e10: FileDescription: ApiSet Schema DLL

1df8.1e10: NtOpenDirectoryObject failed on \Driver: 0xc0000022

1df8.1e10: supR3HardenedWinFindAdversaries: 0x4

1df8.1e10: \SystemRoot\System32\drivers\aswMonFlt.sys:

1df8.1e10: CreationTime: 2023-01-06T00:41:28.759751600Z

1df8.1e10: LastWriteTime: 2023-01-06T00:41:03.535564000Z


1df8.1e10: ChangeTime: 2023-01-06T00:41:28.759751600Z

1df8.1e10: FileAttributes: 0x20

1df8.1e10: Size: 0x2b6d0

1df8.1e10: NT Headers: 0xe8

1df8.1e10: Timestamp: 0x605341a0

1df8.1e10: Machine: 0x8664 - amd64

1df8.1e10: Timestamp: 0x605341a0

1df8.1e10: Image Version: 10.0

1df8.1e10: SizeOfImage: 0x34000 (212992)

1df8.1e10: Resource Dir: 0x32000 LB 0x3a0

1df8.1e10: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1df8.1e10: [Raw version resource data: 0x32060 LB 0x340, codepage 0x0 (reserved 0x0)]

1df8.1e10: ProductName: Avast Antivirus

1df8.1e10: ProductVersion: 21.2.210.0

1df8.1e10: FileVersion: 21.2.210.0

1df8.1e10: FileDescription: Avast File System Filter

1df8.1e10: \SystemRoot\System32\drivers\aswRdr2.sys:

1df8.1e10: CreationTime: 2023-01-06T00:41:28.757751500Z

1df8.1e10: LastWriteTime: 2023-01-06T00:41:03.437558400Z

1df8.1e10: ChangeTime: 2023-01-06T00:41:28.758751500Z

1df8.1e10: FileAttributes: 0x20

1df8.1e10: Size: 0x1a520

1df8.1e10: NT Headers: 0xf0

1df8.1e10: Timestamp: 0x605341a1

1df8.1e10: Machine: 0x8664 - amd64


1df8.1e10: Timestamp: 0x605341a1

1df8.1e10: Image Version: 10.0

1df8.1e10: SizeOfImage: 0x1a000 (106496)

1df8.1e10: Resource Dir: 0x18000 LB 0x388

1df8.1e10: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1df8.1e10: [Raw version resource data: 0x18060 LB 0x324, codepage 0x0 (reserved 0x0)]

1df8.1e10: ProductName: Avast Antivirus

1df8.1e10: ProductVersion: 21.2.210.0

1df8.1e10: FileVersion: 21.2.210.0

1df8.1e10: FileDescription: Avast Antivirus

1df8.1e10: \SystemRoot\System32\drivers\aswRvrt.sys:

1df8.1e10: CreationTime: 2023-01-06T00:41:28.760751600Z

1df8.1e10: LastWriteTime: 2023-01-06T00:41:03.650570600Z

1df8.1e10: ChangeTime: 2023-01-06T00:41:28.763751800Z

1df8.1e10: FileAttributes: 0x20

1df8.1e10: Size: 0x145a8

1df8.1e10: NT Headers: 0xe8

1df8.1e10: Timestamp: 0x605341a0

1df8.1e10: Machine: 0x8664 - amd64

1df8.1e10: Timestamp: 0x605341a0

1df8.1e10: Image Version: 10.0

1df8.1e10: SizeOfImage: 0x13000 (77824)

1df8.1e10: Resource Dir: 0x11000 LB 0x380

1df8.1e10: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1df8.1e10: [Raw version resource data: 0x11060 LB 0x320, codepage 0x0 (reserved 0x0)]
1df8.1e10: ProductName: Avast Antivirus

1df8.1e10: ProductVersion: 21.2.210.0

1df8.1e10: FileVersion: 21.2.210.0

1df8.1e10: FileDescription: Avast Revert

1df8.1e10: \SystemRoot\System32\drivers\aswSnx.sys:

1df8.1e10: CreationTime: 2023-01-06T00:41:28.750751100Z

1df8.1e10: LastWriteTime: 2023-01-06T00:40:31.681742000Z

1df8.1e10: ChangeTime: 2023-01-06T00:41:28.751751100Z

1df8.1e10: FileAttributes: 0x20

1df8.1e10: Size: 0xcf8c8

1df8.1e10: NT Headers: 0xf0

1df8.1e10: Timestamp: 0x605341a4

1df8.1e10: Machine: 0x8664 - amd64

1df8.1e10: Timestamp: 0x605341a4

1df8.1e10: Image Version: 10.0

1df8.1e10: SizeOfImage: 0xcd000 (839680)

1df8.1e10: Resource Dir: 0xca000 LB 0x388

1df8.1e10: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1df8.1e10: [Raw version resource data: 0xca060 LB 0x324, codepage 0x0 (reserved 0x0)]

1df8.1e10: ProductName: Avast Antivirus

1df8.1e10: ProductVersion: 21.2.210.0

1df8.1e10: FileVersion: 21.2.210.0

1df8.1e10: FileDescription: Avast Antivirus

1df8.1e10: \SystemRoot\System32\drivers\aswsp.sys:

1df8.1e10: CreationTime: 2023-01-06T00:41:28.763751800Z


1df8.1e10: LastWriteTime: 2023-01-06T00:41:03.800579100Z

1df8.1e10: ChangeTime: 2023-01-06T00:41:28.764751900Z

1df8.1e10: FileAttributes: 0x20

1df8.1e10: Size: 0x71f08

1df8.1e10: NT Headers: 0xe8

1df8.1e10: Timestamp: 0x605341af

1df8.1e10: Machine: 0x8664 - amd64

1df8.1e10: Timestamp: 0x605341af

1df8.1e10: Image Version: 10.0

1df8.1e10: SizeOfImage: 0x72000 (466944)

1df8.1e10: Resource Dir: 0x70000 LB 0x388

1df8.1e10: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1df8.1e10: [Raw version resource data: 0x70060 LB 0x328, codepage 0x0 (reserved 0x0)]

1df8.1e10: ProductName: Avast Antivirus

1df8.1e10: ProductVersion: 21.2.210.0

1df8.1e10: FileVersion: 21.2.210.0

1df8.1e10: FileDescription: Avast Self Protection

1df8.1e10: \SystemRoot\System32\drivers\aswStm.sys:

1df8.1e10: CreationTime: 2023-01-06T00:41:28.768752100Z

1df8.1e10: LastWriteTime: 2023-01-06T00:41:12.209404700Z

1df8.1e10: ChangeTime: 2023-01-06T00:41:28.768752100Z

1df8.1e10: FileAttributes: 0x20

1df8.1e10: Size: 0x34d38

1df8.1e10: NT Headers: 0x100

1df8.1e10: Timestamp: 0x605341a3


1df8.1e10: Machine: 0x8664 - amd64

1df8.1e10: Timestamp: 0x605341a3

1df8.1e10: Image Version: 10.0

1df8.1e10: SizeOfImage: 0x34000 (212992)

1df8.1e10: Resource Dir: 0x32000 LB 0x390

1df8.1e10: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]

1df8.1e10: [Raw version resource data: 0x32060 LB 0x32c, codepage 0x0 (reserved 0x0)]

1df8.1e10: ProductName: Avast Antivirus

1df8.1e10: ProductVersion: 21.2.210.0

1df8.1e10: FileVersion: 21.2.210.0

1df8.1e10: FileDescription: Avast Stream Filter

1df8.1e10: \SystemRoot\System32\drivers\aswVmm.sys:

1df8.1e10: CreationTime: 2023-01-06T00:41:28.769752200Z

1df8.1e10: LastWriteTime: 2023-01-06T00:41:16.190632500Z

1df8.1e10: ChangeTime: 2023-01-06T00:41:28.770752200Z

1df8.1e10: FileAttributes: 0x20

1df8.1e10: Size: 0x4fd40

1df8.1e10: NT Headers: 0xf0

1df8.1e10: Timestamp: 0x605341a1

1df8.1e10: Machine: 0x8664 - amd64

1df8.1e10: Timestamp: 0x605341a1

1df8.1e10: Image Version: 10.0

1df8.1e10: SizeOfImage: 0x4d000 (315392)

1df8.1e10: Resource Dir: 0x4b000 LB 0x388

1df8.1e10: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1df8.1e10: [Raw version resource data: 0x4b060 LB 0x328, codepage 0x0 (reserved 0x0)]

1df8.1e10: ProductName: Avast Antivirus

1df8.1e10: ProductVersion: 21.2.210.0

1df8.1e10: FileVersion: 21.2.210.0

1df8.1e10: FileDescription: Avast VM Monitor

1df8.1e10: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox'

1df8.1e10: Calling main()

1df8.1e10: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2

1df8.1e10: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox'

1df8.1e10: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no


imports

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\VirtualBoxVM.exe)

1df8.1e10: SUPR3HardenedMain: Final process, opening VBoxDrv...

1df8.1e10: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000260000 LB 0x400000)

1df8.1e10: supR3HardNtEnableThreadCreationEx:

1e08.1dfc: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 166 ms.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\VBoxSupLib.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox\VBoxSupLib.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\


VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]
1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a))
on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fef5d20000 LB 0x00005000 C:\Program


Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \


Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \


Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\


VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\


Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \


Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\


VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\


Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5d20000 'C:\


Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.


1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\
System32\wintrust.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


wintrust.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\


HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\rpcrt4.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


rpcrt4.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\msasn1.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


msasn1.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\crypt32.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


crypt32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\
System32\msvcrt.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


msvcrt.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll


(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd080000 LB 0x0003a000 C:\


Windows\system32\Wintrust.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007feff020000 LB 0x0009f000 C:\Windows\


system32\msvcrt.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd0c0000 LB 0x00167000 C:\


Windows\system32\CRYPT32.dll [fFlags=0x0]
1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \
Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf70000 LB 0x0000f000 C:\Windows\


system32\MSASN1.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd490000 LB 0x0012d000 C:\


Windows\system32\RPCRT4.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd080000 'C:\


Windows\system32\Wintrust.dll'

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\bcrypt.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


bcrypt.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll


(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefc620000 LB 0x00022000 C:\


Windows\system32\bcrypt.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc620000 'C:\


Windows\system32\bcrypt.dll'

1df8.1e10: bcrypt.dll loaded at 000007fefc620000, BCryptOpenAlgorithmProvider at 000007fefc622640,


preloading providers:

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.


1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\


System32\bcryptprimitives.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


bcryptprimitives.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\advapi32.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


advapi32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\


HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll
(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefc140000 LB 0x0004c000 C:\


Windows\system32\bcryptprimitives.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd5c0000 LB 0x000db000 C:\


Windows\system32\ADVAPI32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\sechost.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


sechost.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe950000 LB 0x0001f000 C:\


Windows\SYSTEM32\sechost.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc140000 'C:\


Windows\system32\bcryptprimitives.dll'

1df8.1e10: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=00000000006d26a0)

1df8.1e10: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=00000000006d56c0)

1df8.1e10: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=00000000006d57e0)

1df8.1e10: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=00000000006d59f0)


1df8.1e10: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=00000000006d5b10)

1df8.1e10: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=00000000006d5c30)

1df8.1e10: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=00000000006d5e70)

1df8.1e10: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=00000000006d5f90)

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\cryptsp.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


cryptsp.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\


HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll


(Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefc4d0000 LB 0x00017000 C:\


Windows\system32\CRYPTSP.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc4d0000 'C:\
Windows\system32\CRYPTSP.dll'

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\


System32\rsaenh.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


rsaenh.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll


(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefc200000 LB 0x00047000 C:\


Windows\system32\rsaenh.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc200000 'C:\


Windows\system32\rsaenh.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll


(Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5c0000 'C:\
Windows\system32\ADVAPI32.dll'

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\cryptbase.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


cryptbase.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll


(Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcb00000 LB 0x0000f000 C:\


Windows\system32\CRYPTBASE.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb00000 'C:\


Windows\system32\CRYPTBASE.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll


(Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'C:\


Windows\system32\kernel32.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL


(Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0
pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\
Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\
Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\
bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd080000 'C:\


Windows\system32\WINTRUST.DLL'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll


(rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000006a4150:C:\Program Files\
Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program
Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\
bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0c0000 'C:\


Windows\system32\CRYPT32.dll'

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\imagehlp.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


imagehlp.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll


(Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
1df8.1e10: \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll: Owner is
administrators group.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Avast


Software\Avast\aswhook.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Avast


Software\Avast\aswhook.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Avast Software\Avast\


aswhook.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags>
[calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fedd4b0000 LB 0x00013000 C:\Program


Files\Avast Software\Avast\aswhook.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedd4b0000 'C:\


Program Files\Avast Software\Avast\aswhook.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd6b0000 LB 0x00017000 C:\


Windows\system32\imagehlp.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinReInstallHooks: Reinstalling LdrLoadDll (0000000076fa7a90: e9 a3 87 06


c0 cc cc cc cc cc ff e0 41 54 48 83).

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6b0000 'C:\


Windows\system32\imagehlp.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll


(Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc4d0000 'C:\
Windows\system32\CRYPTSP.dll'

1df8.1e10: \Device\HarddiskVolume2\Windows\System32\user32.dll: Owner is administrators group.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\user32.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


user32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\gdi32.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


gdi32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\


Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\lpk.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \
Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\


HarddiskVolume2\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\usp10.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


usp10.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \
Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll


(Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 0000000076e80000 LB 0x000fa000 C:\


Windows\system32\USER32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefea40000 LB 0x00067000 C:\


Windows\system32\GDI32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd900000 LB 0x0000e000 C:\


Windows\system32\LPK.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\lpk.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe970000 LB 0x000c9000 C:\


Windows\system32\USP10.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\usp10.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll
(Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefea40000 'C:\


Windows\system32\gdi32.dll'

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\imm32.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


imm32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\msctf.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


msctf.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL


(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]
1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))
on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007feff1c0000 LB 0x0002e000 C:\


Windows\system32\IMM32.DLL [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd2a0000 LB 0x00109000 C:\


Windows\system32\MSCTF.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff1c0000 'C:\


Windows\system32\IMM32.DLL'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076e80000 'C:\


Windows\system32\USER32.dll'

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\ncrypt.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


ncrypt.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll


(Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefc650000 LB 0x0004e000 C:\


Windows\system32\ncrypt.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc650000 'C:\


Windows\system32\ncrypt.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll


(Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc620000 'C:\


Windows\system32\bcrypt.dll'

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.


1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\
System32\userenv.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


userenv.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\


HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\profapi.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


profapi.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\


HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll


(Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcdb0000 LB 0x0001e000 C:\


Windows\system32\USERENV.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcda0000 LB 0x0000f000 C:\


Windows\system32\profapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdb0000 'C:\


Windows\system32\USERENV.dll'

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe950000 'API-MS-


Win-Security-SDDL-L1-1-0.dll'

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe950000 'API-MS-


Win-Security-SDDL-L1-1-0.dll'

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.


1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\gpapi.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


gpapi.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\


HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll


(Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefbfc0000 LB 0x0001b000 C:\


Windows\system32\GPAPI.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfc0000 'C:\


Windows\system32\GPAPI.dll'

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe950000 'API-MS-


WIN-Service-Management-L1-1-0.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll


(Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd490000 'C:\


Windows\system32\rpcrt4.dll'

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe950000 'API-MS-


WIN-Service-Management-L2-1-0.dll'

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe950000 'API-MS-


Win-Security-SDDL-L1-1-0.dll'

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'crypt32.dll'.


1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'wldap32.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\cryptnet.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


cryptnet.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\Wldap32.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


Wldap32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll


(Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007feec920000 LB 0x00026000 C:\


Windows\system32\cryptnet.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd6d0000 LB 0x00052000 C:\


Windows\system32\WLDAP32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll


(rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000006a4150:C:\Program Files\
Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program
Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\
bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec920000 'C:\


Windows\system32\cryptnet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll


(rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000006a4150:C:\Program Files\
Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program
Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\
bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec920000 'C:\


Windows\system32\cryptnet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll
(rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000006a4150:C:\Program Files\
Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program
Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\
bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec920000 'C:\


Windows\system32\cryptnet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll


(rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000006a4150:C:\Program Files\
Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program
Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\
bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec920000 'C:\


Windows\system32\cryptnet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll


(rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000006a4150:C:\Program Files\
Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program
Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\
bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec920000 'C:\


Windows\system32\cryptnet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll


(rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000006a4150:C:\Program Files\
Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program
Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\
bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec920000 'C:\


Windows\system32\cryptnet.dll'
1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \
Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec920000 'C:\


Windows\system32\cryptnet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec920000 'C:\


Windows\system32\cryptnet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec920000 'C:\


Windows\system32\cryptnet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec920000 'C:\


Windows\system32\cryptnet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec920000 'C:\


Windows\system32\cryptnet.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec920000 'C:\


Windows\system32\cryptnet.dll'

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\shlwapi.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


shlwapi.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...


1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\
HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll


(Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007feff140000 LB 0x00071000 C:\


Windows\system32\SHLWAPI.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff140000 'C:\


Windows\system32\SHLWAPI.dll'

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe950000 'API-MS-


Win-Security-SDDL-L1-1-0.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll


(Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\


Windows\system32\profapi.dll'

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\setupapi.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


setupapi.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\


HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.


1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\
System32\devobj.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


devobj.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\oleaut32.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


oleaut32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\


HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \
Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\cfgmgr32.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


cfgmgr32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\


HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \
Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\


HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.


1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\
System32\ole32.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


ole32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\


HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...


1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\
HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\setupapi.dll


(Input=setupapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\devobj.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true


1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll
(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-


Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\cabinet.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


cabinet.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Cabinet.dll


(Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\cabinet.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007feec760000 LB 0x0001b000 C:\


Windows\system32\Cabinet.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\cabinet.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'
1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\devrtl.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


devrtl.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\DEVRTL.dll


(Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\devrtl.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefbfe0000 LB 0x00012000 C:\


Windows\system32\DEVRTL.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\devrtl.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]
1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\
Windows\system32\CFGMGR32.dll [flags=0x0]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\SensApi.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


SensApi.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SensApi.dll


(Input=SensApi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\SensApi.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fef7530000 LB 0x00009000 C:\


Windows\system32\SensApi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\SensApi.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7530000 'C:\


Windows\system32\SensApi.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd490000 'C:\


Windows\system32\RPCRT4.dll'

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true


1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll
(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe950000 'API-MS-


WIN-Service-Management-L1-1-0.dll'

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe950000 'API-MS-


WIN-Service-winsvc-L1-1-0.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd490000 'C:\


Windows\system32\RPCRT4.dll'

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe950000 'API-MS-


Win-Security-LSALookup-L1-1-0.dll'

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe950000 'API-MS-
Win-Security-LSALookup-L1-1-0.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\


SystemRoot\System32\ntdll.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=6463B603CF12442718467D754A1EDC45CE1D6E7E

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe950000 'API-MS-


Win-Security-SDDL-L1-1-0.dll'

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe950000 'API-MS-


WIN-Service-Management-L1-1-0.dll'

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe950000 'API-MS-


WIN-Service-winsvc-L1-1-0.dll'
1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \
Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll


(Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5c0000 'C:\


Windows\system32\ADVAPI32.dll'

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe950000 'API-MS-


Win-Security-LSALookup-L1-1-0.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\SystemRoot\System32\ntdll.dll'

1df8.1e10: g_pfnWinVerifyTrust=000007fefd081010

1df8.1e10: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\


HarddiskVolume2\Windows\System32\crypt32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=766DAE0DAEDFFD0DB96611658C619DD5922D2FEC

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\crypt32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\


HarddiskVolume2\Windows\System32\crypt32.dll'

1df8.1e10: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000c8 pwszName=\Device\


HarddiskVolume2\Windows\System32\wintrust.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=E8D9B442D9CC38B2D0501106E104A42A4EE0B238

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\wintrust.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\


HarddiskVolume2\Windows\System32\wintrust.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000037c pwszName=\Device\


HarddiskVolume2\Windows\System32\SensApi.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=64EC96E0AF581E764142DFBCFCF2E1C9BCF62EE4

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\
HarddiskVolume2\Windows\System32\SensApi.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)


1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\
Device\HarddiskVolume2\Windows\System32\SensApi.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003d8 pwszName=\Device\


HarddiskVolume2\Windows\System32\devrtl.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=445E5B0E9F43B5D56A5B9C4BC3369E3D076ACA1A

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\devrtl.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\devrtl.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003cc pwszName=\Device\


HarddiskVolume2\Windows\System32\cabinet.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=5D1555851298EA005A2E9FEA027F5898BC240083

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\cabinet.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\cabinet.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000390 pwszName=\Device\


HarddiskVolume2\Windows\System32\ole32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0


1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=2E64AE329BD5124592BC8CB0B327AA3B95DC65B7

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\ole32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\ole32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000038c pwszName=\Device\


HarddiskVolume2\Windows\System32\cfgmgr32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\cfgmgr32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000388 pwszName=\Device\


HarddiskVolume2\Windows\System32\oleaut32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=26A5C3FE898CBD66951D3BC65E742E0BE561E69B

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\oleaut32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\oleaut32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000384 pwszName=\Device\


HarddiskVolume2\Windows\System32\devobj.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\devobj.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\devobj.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000380 pwszName=\Device\


HarddiskVolume2\Windows\System32\setupapi.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\setupapi.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\setupapi.dll'
1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000374 pwszName=\Device\
HarddiskVolume2\Windows\System32\shlwapi.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\shlwapi.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\shlwapi.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000368 pwszName=\Device\


HarddiskVolume2\Windows\System32\Wldap32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\Wldap32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\Wldap32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000364 pwszName=\Device\


HarddiskVolume2\Windows\System32\cryptnet.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0


1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20
wszDigest=CA2FE16E05087DA5C24DC5EB2EE8053CDA5DE9A9

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\
HarddiskVolume2\Windows\System32\cryptnet.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\cryptnet.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000250 pwszName=\Device\


HarddiskVolume2\Windows\System32\gpapi.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=470795C189226F7BDB8E50F42104CC34488B9340

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\gpapi.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\gpapi.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001bc pwszName=\Device\


HarddiskVolume2\Windows\System32\profapi.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=2449672745D9BA339420451D13FA0380AA768231

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\
HarddiskVolume2\Windows\System32\profapi.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)


1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\
Device\HarddiskVolume2\Windows\System32\profapi.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001b8 pwszName=\Device\


HarddiskVolume2\Windows\System32\userenv.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\userenv.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\userenv.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a4 pwszName=\Device\


HarddiskVolume2\Windows\System32\ncrypt.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=3D482C50075646C922DC6A66C97956C5060C361B

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\
HarddiskVolume2\Windows\System32\ncrypt.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\ncrypt.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000188 pwszName=\Device\


HarddiskVolume2\Windows\System32\msctf.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0


1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20
wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\
HarddiskVolume2\Windows\System32\msctf.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\msctf.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000184 pwszName=\Device\


HarddiskVolume2\Windows\System32\imm32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\
HarddiskVolume2\Windows\System32\imm32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\imm32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000180 pwszName=\Device\


HarddiskVolume2\Windows\System32\usp10.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=97AE9B5B40144F2794F30A891013393C80D631A1

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\usp10.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)


1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\
Device\HarddiskVolume2\Windows\System32\usp10.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000017c pwszName=\Device\


HarddiskVolume2\Windows\System32\lpk.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=A42DFBB8A3A26D2178D79D34DA1CE275E2A0BE37

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\lpk.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\lpk.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\


HarddiskVolume2\Windows\System32\gdi32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=C8F7179D2AEB0FEB168A01D182223AC2D7B8F331

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\gdi32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\gdi32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000016c pwszName=\Device\


HarddiskVolume2\Windows\System32\user32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0


1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=E7DC496F06553DAC9BBB7B106A5859A9B7459010

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context


(CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=E7DC496F06553DAC9BBB7B106A5859A9B7459010

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed


ERROR_NOT_FOUND (1168)

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for


'\Device\HarddiskVolume2\Windows\System32\user32.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\crypt32.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll


(Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0c0000 'C:\


Windows\system32\crypt32.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\setupapi.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\setupapi.dll


(Input=setupapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]
1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\
HarddiskVolume2\Windows\System32\setupapi.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\setupapi.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cfgmgr32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\oleaut32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\ole32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\devobj.dll

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-


Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'
1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\
HarddiskVolume2\Windows\System32\cabinet.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Cabinet.dll


(Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\devrtl.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\DEVRTL.dll


(Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\setupapi.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\setupapi.dll


(Input=setupapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\setupapi.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\setupapi.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cfgmgr32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\oleaut32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\ole32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\devobj.dll

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-
Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cabinet.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Cabinet.dll


(Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\devrtl.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\DEVRTL.dll


(Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]
1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\
Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cfgmgr32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\oleaut32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\ole32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\devobj.dll

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-


Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cabinet.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Cabinet.dll


(Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\devrtl.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\DEVRTL.dll


(Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\


HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000168 pwszName=\Device\


HarddiskVolume2\Windows\System32\imagehlp.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=AFE89CF1060867A10BD3963894BCDB4D3058F804
1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\
system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\imagehlp.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\imagehlp.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000124 pwszName=\Device\


HarddiskVolume2\Windows\System32\cryptbase.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\
HarddiskVolume2\Windows\System32\cryptbase.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\cryptbase.dll'

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\


HarddiskVolume2\Windows\System32\rsaenh.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\


HarddiskVolume2\Windows\System32\cryptsp.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\
HarddiskVolume2\Windows\System32\cryptsp.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)


1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\
Device\HarddiskVolume2\Windows\System32\cryptsp.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000114 pwszName=\Device\


HarddiskVolume2\Windows\System32\sechost.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\
HarddiskVolume2\Windows\System32\sechost.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\sechost.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000110 pwszName=\Device\


HarddiskVolume2\Windows\System32\advapi32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=DBCDF817D89920EE3139FB7E090744EB36A4A21B

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\
HarddiskVolume2\Windows\System32\advapi32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\advapi32.dll'

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\


HarddiskVolume2\Windows\System32\bcryptprimitives.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000f8 pwszName=\Device\


HarddiskVolume2\Windows\System32\bcrypt.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0


1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\
HarddiskVolume2\Windows\System32\bcrypt.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\bcrypt.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=DBEAC8C0FA88C88B540ACFE0683B1810C077AA53

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\
HarddiskVolume2\Windows\System32\msvcrt.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\msvcrt.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d0 pwszName=\Device\


HarddiskVolume2\Windows\System32\msasn1.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\msasn1.dll'
1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\msasn1.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000cc pwszName=\Device\


HarddiskVolume2\Windows\System32\rpcrt4.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=BC4D9E909DFDD2EE8BA1A5C857D73D49EBE7952C

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\rpcrt4.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cfgmgr32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\oleaut32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\ole32.dll
1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\
Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\devobj.dll

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-


Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cabinet.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Cabinet.dll


(Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\devrtl.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\DEVRTL.dll


(Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'
1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\
Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\


HarddiskVolume2\Windows\System32\KernelBase.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=06FEC3C858DB28D2F4BFBDA99AF14D4747A8C5D4

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\KernelBase.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\KernelBase.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\


HarddiskVolume2\Windows\System32\kernel32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=D7AE634A00F24BBD4AE27DEA9BCCCE222DE9897B
1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\
system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\kernel32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\kernel32.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\crypt32.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll


(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0c0000 'C:\


Windows\system32\crypt32.dll'

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0xd1a780150439d500 OU=generated by Avast


Antivirus for SSL/TLS scanning, O=Avast Web/Mail Shield, CN=Avast Web/Mail Shield Root

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft,


CN=Microsoft Root Certificate Authority

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape,


L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997


Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x3a9d44322b2beb00 C=DE, ST=Bavaria,


L=Munich, O=Oracle Deutschland B.V. & Co. KG, CN=VirtualBox for Legacy Windows Only Timestamp CA
SHA1

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT,


CN=Microsoft Authenticode(tm) Root Authority

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust


Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997
Microsoft Corp.
1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust
Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED,
(c)97 VeriSign, Inc.

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake


City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust


Co., CN=DST Root CA X3

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0xe248b7eeee4af00 C=CH, O=SwissSign AG,


CN=SwissSign Gold CA - G2

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore,


OU=CyberTrust, CN=Baltimore CyberTrust Root

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater


Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-


sa, OU=Root CA, CN=GlobalSign Root CA

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield


Technologies, Inc., OU=Starfield Class 2 Certification Authority

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc,


OU=www.digicert.com, CN=DigiCert Global Root CA

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE


Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust


Corporation, CN=SecureTrust CA

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net,


OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited,
CN=Entrust.net Certification Authority (2048)

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA -


R2, O=GlobalSign, CN=GlobalSign

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc.,


OU=Class 3 Public Primary Certification Authority

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z


o.o., CN=Certum CA
1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc,
OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc.,


OU=Class 3 Public Primary Certification Authority

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc.,


OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3
Public Primary Certification Authority - G5

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM


Trust.net, OU=Security Communication RootCA1

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x9259c8abe5ca713a L=ValiCert Validation


Network, O=ValiCert, Inc., OU=ValiCert Class 2 Policy Validation Authority,
CN=http://www.valicert.com/, [email protected]

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy


Group, Inc., OU=Go Daddy Class 2 Certification Authority

1df8.1e10: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc,


OU=www.digicert.com, CN=DigiCert Assured ID Root CA

1df8.1e10: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=29

1df8.1e10: SUPR3HardenedMain: Load Runtime...

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\setupapi.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cfgmgr32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\oleaut32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]
1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\
HarddiskVolume2\Windows\System32\ole32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\devobj.dll

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-


Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cabinet.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Cabinet.dll


(Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\devrtl.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\DEVRTL.dll


(Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\
Windows\system32\DEVRTL.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox\VBoxRT.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003dc pwszName=\Device\


HarddiskVolume2\Windows\System32\ws2_32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\
system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\ws2_32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\


System32\ws2_32.dll) WinVerifyTrust

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


ws2_32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\


HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\


Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]

1df8.1e10: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\


HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\nsi.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\


HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...


1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\
HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cfgmgr32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\oleaut32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\ole32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\devobj.dll

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-


Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cabinet.dll
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Cabinet.dll
(Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\devrtl.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\DEVRTL.dll


(Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox\msvcp100.dll
1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\msvcr100.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox\msvcr100.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\oleaut32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\ole32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\devobj.dll

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-


Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll


(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fed6960000 LB 0x005cb000 C:\Program


Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a))


on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000000006f960000 LB 0x000d2000 C:\Program


Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \


Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000000006f8c0000 LB 0x00098000 C:\Program


Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd730000 LB 0x0004d000 C:\


Windows\system32\WS2_32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\ws2_32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd6a0000 LB 0x00008000 C:\


Windows\system32\NSI.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\nsi.dll [avoiding WinVerifyTrust]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll
(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll


(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'
1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll


(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]
1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll


(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]
1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll


(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll


(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\
Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]
1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'
1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll


(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]
1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'
1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.
1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for
'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for
'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.
1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for
'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for
'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\
Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll


(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for
'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\
Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\nsi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed6960000 'C:\


Program Files\Oracle\VirtualBox\VBoxRT.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-


Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\
Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003d0 pwszName=\Device\


HarddiskVolume2\Windows\System32\nsi.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\
HarddiskVolume2\Windows\System32\nsi.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\nsi.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\wintrust.dll
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll
(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd080000 'C:\


Windows\system32\Wintrust.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\crypt32.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll


(rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0c0000 'C:\


Windows\system32\crypt32.dll'

1df8.1e10: SUPR3HardenedMain: Load TrustedMain...

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-
Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxglobal.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.


1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox\VirtualBoxVM.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\


HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000434 pwszName=\Device\


HarddiskVolume2\Windows\System32\winmm.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\
HarddiskVolume2\Windows\System32\winmm.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\


System32\winmm.dll) WinVerifyTrust

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


winmm.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...


1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\
HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\setupapi.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-


Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox\Qt5OpenGLVBox.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\Qt5CoreVBox.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox\Qt5CoreVBox.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.


1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\Qt5GuiVBox.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox\Qt5GuiVBox.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\Qt5WidgetsVBox.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox\Qt5WidgetsVBox.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\


HarddiskVolume2\Windows\System32\shell32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\shell32.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


shell32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \


Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \


Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \


Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1df8.1e10: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\opengl32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\opengl32.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


opengl32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume2\


Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
1df8.1e10: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\mpr.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\mpr.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


mpr.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\ws2_32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\advapi32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status -22900 (0xffffa68c)) on \


Device\HarddiskVolume2\Windows\System32\user32.dll

1df8.1e10: Error (rc=0):


1df8.1e10: supR3HardenedScreenImage/Imports: cached rc=Unknown Status -22900 (0xffffa68c)
fImage=1 fProtect=0x0 fAccess=0x0 cHits=16 \Device\HarddiskVolume2\Windows\System32\user32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\


HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]

1df8.1e10: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\


HarddiskVolume2\Windows\System32\ddraw.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\ddraw.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


ddraw.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\


HarddiskVolume2\Windows\System32\glu32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.


1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\
System32\glu32.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


glu32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\advapi32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\


HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\shlwapi.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...


1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\
HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\


HarddiskVolume2\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]

1df8.1e10: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\


HarddiskVolume2\Windows\System32\dwmapi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\dwmapi.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


dwmapi.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\


HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...


1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\
HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\


HarddiskVolume2\Windows\System32\dciman32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\


System32\dciman32.dll)

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\


dciman32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\gdi32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...


1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\
HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\


HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-


Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'
1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\
Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \


Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \


Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \


Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]
1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\
Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\ole32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-


Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]
1df8.1e10: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \


Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-


Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'
1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\
Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]

1df8.1e10: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxglobal.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxglobal.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxglobal.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]
1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\
Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cfgmgr32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\oleaut32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-


Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cabinet.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Cabinet.dll


(Input=Cabinet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'
1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\
HarddiskVolume2\Windows\System32\devrtl.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\DEVRTL.dll


(Input=DEVRTL.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.


1df8.1e10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\
Oracle\VirtualBox\VBoxGlobal.dll) WinVerifyTrust

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox\VBoxGlobal.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\opengl32.dll [redoing WinVerifyTrust]

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000042c pwszName=\Device\


HarddiskVolume2\Windows\System32\opengl32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\
HarddiskVolume2\Windows\System32\opengl32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\


HarddiskVolume2\Windows\System32\opengl32.dll'

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\


HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\advapi32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \


Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [redoing
WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\devobj.dll

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll


(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]
1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-
Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\setupapi.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [flags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: Unload 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [flags=0x0]

1df8.1e10: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...


1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\
HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\


VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fee7220000 LB 0x00189000 C:\Program


Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\opengl32.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fef5b60000 LB 0x0011d000 C:\


Windows\system32\OPENGL32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\opengl32.dll

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\glu32.dll [avoiding WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fef5d50000 LB 0x0002d000 C:\


Windows\system32\GLU32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\glu32.dll [avoiding WinVerifyTrust]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fed9dc0000 LB 0x000f1000 C:\


Windows\system32\DDRAW.dll [fFlags=0x0]
1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \
Device\HarddiskVolume2\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fef3300000 LB 0x00008000 C:\


Windows\system32\DCIMAN32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefee40000 LB 0x001d7000 C:\


Windows\system32\SETUPAPI.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcf80000 LB 0x00036000 C:\


Windows\system32\CFGMGR32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd3b0000 LB 0x000d7000 C:\


Windows\system32\OLEAUT32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefe6a0000 LB 0x00203000 C:\


Windows\system32\ole32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x0001a000 C:\


Windows\system32\DEVOBJ.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefab70000 LB 0x00018000 C:\


Windows\system32\dwmapi.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGlobal.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fed6f30000 LB 0x02388000 C:\Program


Files\Oracle\VirtualBox\VBoxGlobal.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGlobal.dll

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1df8.1e10: supR3HardenedDllNotificationCallback: load 0000000063d00000 LB 0x00565000 C:\
Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefd910000 LB 0x00d88000 C:\


Windows\system32\SHELL32.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\shell32.dll [avoiding WinVerifyTrust]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974))


on \Device\HarddiskVolume2\Windows\System32\mpr.dll [avoiding WinVerifyTrust]

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefcec0000 LB 0x00018000 C:\


Windows\system32\MPR.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \


Device\HarddiskVolume2\Windows\System32\mpr.dll [avoiding WinVerifyTrust]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fed6360000 LB 0x005f7000 C:\Program


Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000000005f660000 LB 0x00561000 C:\Program


Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 0000000072080000 LB 0x00054000 C:\


Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\
HarddiskVolume2\Windows\System32\winmm.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fefae40000 LB 0x0003b000 C:\


Windows\system32\WINMM.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\winmm.dll

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\dciman32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\dwmapi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\glu32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\ddraw.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\mpr.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\shell32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]

1df8.1e10: supR3HardenedIsApiSetDll: '<NULL>' -> true


1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll
(rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program Files\Oracle\
VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\bin;C:\Program Files\
dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\bin;C:\
Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076d60000 'API-MS-


Win-Core-LocalRegistry-L1-1-0.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\dciman32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\dwmapi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\glu32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\ddraw.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\mpr.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\shell32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\dciman32.dll'.
1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for
'\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\dwmapi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\glu32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\ddraw.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\mpr.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\shell32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\advapi32.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.DLL


(Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5c0000 'C:\


Windows\system32\ADVAPI32.DLL'
1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\dciman32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\dwmapi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\glu32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\ddraw.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\mpr.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\shell32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\dciman32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\dwmapi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rescheduled]
1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\glu32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\ddraw.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\mpr.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\shell32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cryptbase.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptbase.dll


(Input=cryptbase.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff
pwszSearchPath=0000000000000000:<flags> [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb00000 'C:\


Windows\system32\cryptbase.dll'

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\dciman32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\dwmapi.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rescheduled]
1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\glu32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\ddraw.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\mpr.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]

1df8.1e10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\
HarddiskVolume2\Windows\System32\shell32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for


'\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7220000 'C:\


Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000044c pwszName=\Device\


HarddiskVolume2\Windows\System32\dciman32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=D3FEC714D729F7CAEB9B7A25E2012B6A6E9007F5

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\dciman32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\dciman32.dll'
1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000438 pwszName=\Device\
HarddiskVolume2\Windows\System32\dwmapi.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=B79EE7B5AD74EF51A849809202E043183A2C727E

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\dwmapi.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\dwmapi.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000458 pwszName=\Device\


HarddiskVolume2\Windows\System32\glu32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\
HarddiskVolume2\Windows\System32\glu32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\glu32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000045c pwszName=\Device\


HarddiskVolume2\Windows\System32\ddraw.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\
system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\
HarddiskVolume2\Windows\System32\ddraw.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\ddraw.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000448 pwszName=\Device\


HarddiskVolume2\Windows\System32\mpr.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20


wszDigest=F84FE9BA047B24E7694C9E0C349B48B9FD5F925B

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\
HarddiskVolume2\Windows\System32\mpr.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\mpr.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000444 pwszName=\Device\


HarddiskVolume2\Windows\System32\shell32.dll

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006cd2b0

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006cd2b0

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\crypt32.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll


(rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000006a4150:C:\Program Files\
Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\bin;C:\Program
Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS Code\
bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0c0000 'C:\


Windows\system32\CRYPT32.dll'
1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20
wszDigest=FCF00DB9BBECF4126AB4076577BBA73C0F94BDF9

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\


system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-
Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\
System32\shell32.dll'

1df8.1e10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)

1df8.1e10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\


Device\HarddiskVolume2\Windows\System32\shell32.dll'

1df8.1e10: SUPR3HardenedMain: Calling TrustedMain (000007fee72216c0)...

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6a0000 'C:\


Windows\system32\ole32.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5c0000 'C:\


Windows\system32\ADVAPI32.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\profapi.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll


(Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcda0000 'C:\


Windows\system32\profapi.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefee40000 'C:\


Windows\system32\setupapi.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec760000 'C:\


Windows\system32\Cabinet.dll'

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbfe0000 'C:\


Windows\system32\DEVRTL.dll'

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.


1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.

1df8.1e10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.

1df8.1e10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\


Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust

1df8.1e10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\


VirtualBox\platforms\qwindows.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\shell32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\


HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\winmm.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\imm32.dll

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1df8.1e10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\


HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\


qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\Program
Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\bin;C:\
Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\Microsoft VS
Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\npm [calling]

1df8.1e10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll

1df8.1e10: supR3HardenedDllNotificationCallback: load 000007fef53f0000 LB 0x0012e000 C:\Program


Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef53f0000 'C:\Program


Files\Oracle\VirtualBox\platforms\qwindows.dll'

1df8.1e10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\


HarddiskVolume2\Windows\System32\cryptbase.dll

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll


(Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000006a4150:C:\
Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\MinGW\
bin;C:\Program Files\dotnet\;C:\Program Files\nodejs\;;C:\Users\Dell\AppData\Local\Programs\
Microsoft VS Code\bin;C:\Program Files\JetBrains\CLion 2022.2.3\bin;;C:\Users\Dell\AppData\Roaming\
npm [calling]

1df8.1e10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb00000 'C:\


Windows\system32\CRYPTBASE.dll'

1e08.1dfc: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0,


rcNt2=0x103, rcNt3=0x103, 16709 ms, the end);

1c30.19c8: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0,


rcNt2=0x103, rcNt3=0x103, 17554 ms, the end);

You might also like