VirtualBox

Ticket #15396: VBoxHardening.log

File VBoxHardening.log, 148.1 KB (added by 施健, 8 years ago)
Line 
1f04.b6c: Log file opened: 5.0.20r106931 g_hStartupLog=00000000000000ac g_uNtVerCombined=0xa0280000
2f04.b6c: \SystemRoot\System32\ntdll.dll:
3f04.b6c: CreationTime: 2016-02-10T12:52:21.621234900Z
4f04.b6c: LastWriteTime: 2016-01-31T06:24:08.504709500Z
5f04.b6c: ChangeTime: 2016-02-11T16:14:33.084453300Z
6f04.b6c: FileAttributes: 0x20
7f04.b6c: Size: 0x1bd870
8f04.b6c: NT Headers: 0xd8
9f04.b6c: Timestamp: 0x56ad9704
10f04.b6c: Machine: 0x8664 - amd64
11f04.b6c: Timestamp: 0x56ad9704
12f04.b6c: Image Version: 10.0
13f04.b6c: SizeOfImage: 0x1c2000 (1843200)
14f04.b6c: Resource Dir: 0x15b000 LB 0x65718
15f04.b6c: ProductName: Microsoft® Windows® Operating System
16f04.b6c: ProductVersion: 10.0.10240.16683
17f04.b6c: FileVersion: 10.0.10240.16683 (th1.160130-1842)
18f04.b6c: FileDescription: NT Layer DLL
19f04.b6c: \SystemRoot\System32\kernel32.dll:
20f04.b6c: CreationTime: 2015-07-10T10:59:59.699781600Z
21f04.b6c: LastWriteTime: 2015-07-10T10:59:59.699781600Z
22f04.b6c: ChangeTime: 2015-12-21T17:25:44.929083900Z
23f04.b6c: FileAttributes: 0x20
24f04.b6c: Size: 0xab830
25f04.b6c: NT Headers: 0xf0
26f04.b6c: Timestamp: 0x559f38ad
27f04.b6c: Machine: 0x8664 - amd64
28f04.b6c: Timestamp: 0x559f38ad
29f04.b6c: Image Version: 10.0
30f04.b6c: SizeOfImage: 0xad000 (708608)
31f04.b6c: Resource Dir: 0xab000 LB 0x518
32f04.b6c: ProductName: Microsoft® Windows® Operating System
33f04.b6c: ProductVersion: 10.0.10240.16384
34f04.b6c: FileVersion: 10.0.10240.16384 (th1.150709-1700)
35f04.b6c: FileDescription: Windows NT BASE API Client DLL
36f04.b6c: \SystemRoot\System32\KernelBase.dll:
37f04.b6c: CreationTime: 2016-04-13T11:51:55.397563100Z
38f04.b6c: LastWriteTime: 2016-03-16T04:55:53.161694100Z
39f04.b6c: ChangeTime: 2016-04-14T18:02:07.876142900Z
40f04.b6c: FileAttributes: 0x20
41f04.b6c: Size: 0x1dc880
42f04.b6c: NT Headers: 0xf0
43f04.b6c: Timestamp: 0x56e8d499
44f04.b6c: Machine: 0x8664 - amd64
45f04.b6c: Timestamp: 0x56e8d499
46f04.b6c: Image Version: 10.0
47f04.b6c: SizeOfImage: 0x1dd000 (1953792)
48f04.b6c: Resource Dir: 0x1c7000 LB 0x538
49f04.b6c: ProductName: Microsoft® Windows® Operating System
50f04.b6c: ProductVersion: 10.0.10240.16766
51f04.b6c: FileVersion: 10.0.10240.16766 (th1_st1.160315-1811)
52f04.b6c: FileDescription: Windows NT BASE API Client DLL
53f04.b6c: \SystemRoot\System32\apisetschema.dll:
54f04.b6c: CreationTime: 2015-07-10T11:00:04.872098600Z
55f04.b6c: LastWriteTime: 2015-07-10T11:00:04.872098600Z
56f04.b6c: ChangeTime: 2015-12-18T08:27:14.277572100Z
57f04.b6c: FileAttributes: 0x20
58f04.b6c: Size: 0x16760
59f04.b6c: NT Headers: 0xc8
60f04.b6c: Timestamp: 0x559f3e3d
61f04.b6c: Machine: 0x8664 - amd64
62f04.b6c: Timestamp: 0x559f3e3d
63f04.b6c: Image Version: 10.0
64f04.b6c: SizeOfImage: 0x17000 (94208)
65f04.b6c: Resource Dir: 0x16000 LB 0x3f0
66f04.b6c: ProductName: Microsoft® Windows® Operating System
67f04.b6c: ProductVersion: 10.0.10240.16384
68f04.b6c: FileVersion: 10.0.10240.16384 (th1.150709-1700)
69f04.b6c: FileDescription: ApiSet Schema DLL
70f04.b6c: NtOpenDirectoryObject failed on \Driver: 0xc0000022
71f04.b6c: supR3HardenedWinFindAdversaries: 0x0
72f04.b6c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\aawinwinxxx\voox'
73f04.b6c: Calling main()
74f04.b6c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
75f04.b6c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\aawinwinxxx\voox'
76f04.b6c: SUPR3HardenedMain: Respawn #1
77f04.b6c: System32: \Device\HarddiskVolume3\Windows\System32
78f04.b6c: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
79f04.b6c: KnownDllPath: C:\Windows\system32
80f04.b6c: '\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe' has no imports
81f04.b6c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe)
82f04.b6c: supR3HardNtEnableThreadCreation:
83f04.b6c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff851b8be60 pvNtTerminateThread=00007ff851bb3d50
84f04.b6c: supR3HardenedWinDoReSpawn(1): New child 984.1104 [kernel32].
85f04.b6c: supR3HardNtChildGatherData: PebBaseAddress=00007ff785f73000 cbPeb=0x388
86f04.b6c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff851b20000 uNtDllChildAddr=00007ff851b20000
87f04.b6c: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff851b8be60
88f04.b6c: supR3HardenedWinSetupChildInit: Start child.
89f04.b6c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
90f04.b6c: supR3HardNtChildPurify: Startup delay kludge #1/0: 258 ms, 29 sleeps
91f04.b6c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
92f04.b6c: *0000000000000000-ffffffffff08ffff 0x0001/0x0000 0x0000000
93f04.b6c: *0000000000f70000-0000000000f4ffff 0x0004/0x0004 0x0020000
94f04.b6c: *0000000000f90000-0000000000f7bfff 0x0002/0x0002 0x0040000
95f04.b6c: 0000000000fa4000-0000000000f97fff 0x0001/0x0000 0x0000000
96f04.b6c: *0000000000fb0000-0000000000eb4fff 0x0000/0x0004 0x0020000
97f04.b6c: 00000000010ab000-00000000010a7fff 0x0104/0x0004 0x0020000
98f04.b6c: 00000000010ae000-00000000010abfff 0x0004/0x0004 0x0020000
99f04.b6c: *00000000010b0000-00000000010abfff 0x0002/0x0002 0x0040000
100f04.b6c: 00000000010b4000-00000000010a7fff 0x0001/0x0000 0x0000000
101f04.b6c: *00000000010c0000-00000000010bdfff 0x0004/0x0004 0x0020000
102f04.b6c: 00000000010c2000-ffffffff821a3fff 0x0001/0x0000 0x0000000
103f04.b6c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
104f04.b6c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
105f04.b6c: 000000007fff0000-ffff80097a09ffff 0x0001/0x0000 0x0000000
106f04.b6c: *00007ff785f40000-00007ff785f0cfff 0x0002/0x0002 0x0040000
107f04.b6c: *00007ff785f73000-00007ff785f71fff 0x0004/0x0004 0x0020000
108f04.b6c: 00007ff785f74000-00007ff785f69fff 0x0001/0x0000 0x0000000
109f04.b6c: *00007ff785f7e000-00007ff785f7bfff 0x0004/0x0004 0x0020000
110f04.b6c: 00007ff785f80000-00007ff78520ffff 0x0001/0x0000 0x0000000
111f04.b6c: *00007ff786cf0000-00007ff786cf0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
112f04.b6c: 00007ff786cf1000-00007ff786d60fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
113f04.b6c: 00007ff786d61000-00007ff786d61fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
114f04.b6c: 00007ff786d62000-00007ff786da6fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
115f04.b6c: 00007ff786da7000-00007ff786da7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
116f04.b6c: 00007ff786da8000-00007ff786da8fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
117f04.b6c: 00007ff786da9000-00007ff786dadfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
118f04.b6c: 00007ff786dae000-00007ff786daefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
119f04.b6c: 00007ff786daf000-00007ff786daffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
120f04.b6c: 00007ff786db0000-00007ff786db3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
121f04.b6c: 00007ff786db4000-00007ff786dfbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
122f04.b6c: 00007ff786dfc000-00007ff6bc0e7fff 0x0001/0x0000 0x0000000
123f04.b6c: *00007ff851b10000-00007ff851b0efff 0x0040/0x0040 0x0020000 !!
124f04.b6c: supHardNtVpFreeOrReplacePrivateExecMemory: Freeing exec mem at 00007ff851b10000 (LB 0x1000, 00007ff851b10000 LB 0x1000)
125f04.b6c: supHardNtVpFreeOrReplacePrivateExecMemory: Free attempt #1 succeeded: 0x0 [00007ff851b10000/00007ff851b10000 LB 0/0x1000]
126f04.b6c: supHardNtVpFreeOrReplacePrivateExecMemory: QVM after free 0: [0000000000000000]/00007ff851b10000 LB 0x10000 s=0x10000 ap=0x0 rp=0x00000000000001
127f04.b6c: 00007ff851b11000-00007ff851b01fff 0x0001/0x0000 0x0000000
128f04.b6c: *00007ff851b20000-00007ff851b20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
129f04.b6c: 00007ff851b21000-00007ff851c1dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
130f04.b6c: 00007ff851c1e000-00007ff851c5ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
131f04.b6c: 00007ff851c60000-00007ff851c68fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
132f04.b6c: 00007ff851c69000-00007ff851c76fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
133f04.b6c: 00007ff851c77000-00007ff851c77fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
134f04.b6c: 00007ff851c78000-00007ff851c7afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
135f04.b6c: 00007ff851c7b000-00007ff851ce1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
136f04.b6c: 00007ff851ce2000-00007ff0a39e3fff 0x0001/0x0000 0x0000000
137f04.b6c: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
138f04.b6c: VirtualBox.exe: timestamp 0x57220aaf (rc=VINF_SUCCESS)
139f04.b6c: '\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe' has no imports
140f04.b6c: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
141f04.b6c: ntdll.dll: Differences in section #1 (.text) between file and memory:
142f04.b6c: 00007ff851b36020 / 0x0016020: 40 != e9
143f04.b6c: 00007ff851b36021 / 0x0016021: 55 != 67
144f04.b6c: 00007ff851b36022 / 0x0016022: 57 != a0
145f04.b6c: 00007ff851b36023 / 0x0016023: 41 != fd
146f04.b6c: 00007ff851b36024 / 0x0016024: 56 != ff
147f04.b6c: Restored 0x2000 bytes of original file content at 00007ff851b35000
148f04.b6c: supR3HardNtChildPurify: cFixes=2 g_fSupAdversaries=0x80000000
149f04.b6c: supR3HardNtChildPurify: Startup delay kludge #1/1: 513 ms, 57 sleeps
150f04.b6c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
151f04.b6c: *0000000000000000-ffffffffff08ffff 0x0001/0x0000 0x0000000
152f04.b6c: *0000000000f70000-0000000000f4ffff 0x0004/0x0004 0x0020000
153f04.b6c: *0000000000f90000-0000000000f7bfff 0x0002/0x0002 0x0040000
154f04.b6c: 0000000000fa4000-0000000000f97fff 0x0001/0x0000 0x0000000
155f04.b6c: *0000000000fb0000-0000000000eb4fff 0x0000/0x0004 0x0020000
156f04.b6c: 00000000010ab000-00000000010a7fff 0x0104/0x0004 0x0020000
157f04.b6c: 00000000010ae000-00000000010abfff 0x0004/0x0004 0x0020000
158f04.b6c: *00000000010b0000-00000000010abfff 0x0002/0x0002 0x0040000
159f04.b6c: 00000000010b4000-00000000010a7fff 0x0001/0x0000 0x0000000
160f04.b6c: *00000000010c0000-00000000010bdfff 0x0004/0x0004 0x0020000
161f04.b6c: 00000000010c2000-ffffffff821a3fff 0x0001/0x0000 0x0000000
162f04.b6c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
163f04.b6c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
164f04.b6c: 000000007fff0000-ffff80097a09ffff 0x0001/0x0000 0x0000000
165f04.b6c: *00007ff785f40000-00007ff785f0cfff 0x0002/0x0002 0x0040000
166f04.b6c: *00007ff785f73000-00007ff785f71fff 0x0004/0x0004 0x0020000
167f04.b6c: 00007ff785f74000-00007ff785f69fff 0x0001/0x0000 0x0000000
168f04.b6c: *00007ff785f7e000-00007ff785f7bfff 0x0004/0x0004 0x0020000
169f04.b6c: 00007ff785f80000-00007ff78520ffff 0x0001/0x0000 0x0000000
170f04.b6c: *00007ff786cf0000-00007ff786cf0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
171f04.b6c: 00007ff786cf1000-00007ff786d60fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
172f04.b6c: 00007ff786d61000-00007ff786d61fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
173f04.b6c: 00007ff786d62000-00007ff786da6fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
174f04.b6c: 00007ff786da7000-00007ff786db3fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
175f04.b6c: 00007ff786db4000-00007ff786dfbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
176f04.b6c: 00007ff786dfc000-00007ff6bc0d7fff 0x0001/0x0000 0x0000000
177f04.b6c: *00007ff851b20000-00007ff851b20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
178f04.b6c: 00007ff851b21000-00007ff851c1dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
179f04.b6c: 00007ff851c1e000-00007ff851c5ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
180f04.b6c: 00007ff851c60000-00007ff851c63fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
181f04.b6c: 00007ff851c64000-00007ff851c68fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
182f04.b6c: 00007ff851c69000-00007ff851c76fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
183f04.b6c: 00007ff851c77000-00007ff851c77fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
184f04.b6c: 00007ff851c78000-00007ff851c7afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
185f04.b6c: 00007ff851c7b000-00007ff851ce1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
186f04.b6c: 00007ff851ce2000-00007ff0a39e3fff 0x0001/0x0000 0x0000000
187f04.b6c: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
188f04.b6c: supR3HardNtChildPurify: Done after 821 ms and 2 fixes (loop #1).
189f04.b6c: supR3HardNtEnableThreadCreation:
190984.1104: Log file opened: 5.0.20r106931 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa0280000
191984.1104: supR3HardenedVmProcessInit: uNtDllAddr=00007ff851b20000 g_uNtVerCombined=0xa0280000
192984.1104: ntdll.dll: timestamp 0x56ad9704 (rc=VINF_SUCCESS)
193984.1104: New simple heap: #1 00000000011d0000 LB 0x400000 (for 1843200 allocation)
194984.1104: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\aawinwinxxx\voox'
195984.1104: System32: \Device\HarddiskVolume3\Windows\System32
196984.1104: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
197984.1104: KnownDllPath: C:\Windows\system32
198984.1104: supR3HardenedVmProcessInit: Opening vboxdrv stub...
199984.1104: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
200984.1104: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
201984.1104: Registered Dll notification callback with NTDLL.
202984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
203984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
204984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
205984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e940000 LB 0x001dd000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
206984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
207984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
208984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f230000 LB 0x000ad000 C:\Windows\system32\KERNEL32.DLL [fFlags=0x0]
209984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
210984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84f230000 'C:\Windows\system32\KERNEL32.DLL'
211984.1104: supR3HardenedDllNotificationCallback: load 00007ff786cf0000 LB 0x0010c000 D:\aawinwinxxx\voox\VirtualBox.exe [fFlags=0x0]
212984.1104: '\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe' has no imports
213984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe)
214984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe
215984.1104: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff851b8be60 pvNtTerminateThread=00007ff851bb3d50
216f04.b6c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 154 ms.
217984.1104: \SystemRoot\System32\ntdll.dll:
218984.1104: CreationTime: 2016-02-10T12:52:21.621234900Z
219984.1104: LastWriteTime: 2016-01-31T06:24:08.504709500Z
220984.1104: ChangeTime: 2016-02-11T16:14:33.084453300Z
221984.1104: FileAttributes: 0x20
222984.1104: Size: 0x1bd870
223984.1104: NT Headers: 0xd8
224984.1104: Timestamp: 0x56ad9704
225984.1104: Machine: 0x8664 - amd64
226984.1104: Timestamp: 0x56ad9704
227984.1104: Image Version: 10.0
228984.1104: SizeOfImage: 0x1c2000 (1843200)
229984.1104: Resource Dir: 0x15b000 LB 0x65718
230984.1104: ProductName: Microsoft® Windows® Operating System
231984.1104: ProductVersion: 10.0.10240.16683
232984.1104: FileVersion: 10.0.10240.16683 (th1.160130-1842)
233984.1104: FileDescription: NT Layer DLL
234984.1104: \SystemRoot\System32\kernel32.dll:
235984.1104: CreationTime: 2015-07-10T10:59:59.699781600Z
236984.1104: LastWriteTime: 2015-07-10T10:59:59.699781600Z
237984.1104: ChangeTime: 2015-12-21T17:25:44.929083900Z
238984.1104: FileAttributes: 0x20
239984.1104: Size: 0xab830
240984.1104: NT Headers: 0xf0
241984.1104: Timestamp: 0x559f38ad
242984.1104: Machine: 0x8664 - amd64
243984.1104: Timestamp: 0x559f38ad
244984.1104: Image Version: 10.0
245984.1104: SizeOfImage: 0xad000 (708608)
246984.1104: Resource Dir: 0xab000 LB 0x518
247984.1104: ProductName: Microsoft® Windows® Operating System
248984.1104: ProductVersion: 10.0.10240.16384
249984.1104: FileVersion: 10.0.10240.16384 (th1.150709-1700)
250984.1104: FileDescription: Windows NT BASE API Client DLL
251984.1104: \SystemRoot\System32\KernelBase.dll:
252984.1104: CreationTime: 2016-04-13T11:51:55.397563100Z
253984.1104: LastWriteTime: 2016-03-16T04:55:53.161694100Z
254984.1104: ChangeTime: 2016-04-14T18:02:07.876142900Z
255984.1104: FileAttributes: 0x20
256984.1104: Size: 0x1dc880
257984.1104: NT Headers: 0xf0
258984.1104: Timestamp: 0x56e8d499
259984.1104: Machine: 0x8664 - amd64
260984.1104: Timestamp: 0x56e8d499
261984.1104: Image Version: 10.0
262984.1104: SizeOfImage: 0x1dd000 (1953792)
263984.1104: Resource Dir: 0x1c7000 LB 0x538
264984.1104: ProductName: Microsoft® Windows® Operating System
265984.1104: ProductVersion: 10.0.10240.16766
266984.1104: FileVersion: 10.0.10240.16766 (th1_st1.160315-1811)
267984.1104: FileDescription: Windows NT BASE API Client DLL
268984.1104: \SystemRoot\System32\apisetschema.dll:
269984.1104: CreationTime: 2015-07-10T11:00:04.872098600Z
270984.1104: LastWriteTime: 2015-07-10T11:00:04.872098600Z
271984.1104: ChangeTime: 2015-12-18T08:27:14.277572100Z
272984.1104: FileAttributes: 0x20
273984.1104: Size: 0x16760
274984.1104: NT Headers: 0xc8
275984.1104: Timestamp: 0x559f3e3d
276984.1104: Machine: 0x8664 - amd64
277984.1104: Timestamp: 0x559f3e3d
278984.1104: Image Version: 10.0
279984.1104: SizeOfImage: 0x17000 (94208)
280984.1104: Resource Dir: 0x16000 LB 0x3f0
281984.1104: ProductName: Microsoft® Windows® Operating System
282984.1104: ProductVersion: 10.0.10240.16384
283984.1104: FileVersion: 10.0.10240.16384 (th1.150709-1700)
284984.1104: FileDescription: ApiSet Schema DLL
285984.1104: NtOpenDirectoryObject failed on \Driver: 0xc0000022
286984.1104: supR3HardenedWinFindAdversaries: 0x0
287984.1104: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\aawinwinxxx\voox'
288984.1104: Calling main()
289984.1104: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
290984.1104: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\aawinwinxxx\voox'
291984.1104: '\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe' has no imports
292984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe)
293984.1104: SUPR3HardenedMain: Respawn #2
294984.1104: supR3HardNtEnableThreadCreation:
295984.1104: Error -104 in supR3HardenedWinReSpawn! (enmWhat=5)
296984.1104: Error relaunching VirtualBox VM process: 5
297Command line: '60eaff78-4bdd-042d-2e72-669728efd737-suplib-3rdchild --comment 7 --startvm 31138404-1ce1-4ed3-97ad-20a90bc86efb --no-startvm-errormsgbox --sup-hardening-log=D:\aawinwinxxx\vboxxt\7\Logs\VBoxHardening.log'
298984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
299984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
300984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
301984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
302984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
303984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
304984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtopenglvbox4.dll'.
305984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
306984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
307984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'advapi32.dll'.
308984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'shell32.dll'.
309984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ole32.dll'.
310984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'oleaut32.dll'.
311984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmm.dll'.
312984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.dll)
313984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.dll
314984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
315984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
316984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
317984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
318984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'user32.dll'.
319984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll)
320984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll
321984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
322984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
323984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
324984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'.
325984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
326984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll)
327984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
328984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
329984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
330984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
331984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'.
332984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'gdi32.dll'.
333984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'user32.dll'.
334984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'combase.dll'.
335984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll)
336984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll
337984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
338984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
339984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
340984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #64 'user32.dll'.
341984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #66 'gdi32.dll'.
342984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll)
343984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll
344984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
345984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
346984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
347984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'.
348984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'.
349984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll)
350984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll
351984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
352984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
353984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'.
354984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll)
355984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll
356984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
357984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
358984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'.
359984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll)
360984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll
361984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
362984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
363984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
364984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
365984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
366984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
367984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
368984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
369984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\QtOpenGLVBox4.dll)
370984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\QtOpenGLVBox4.dll
371984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
372984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
373984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
374984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
375984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
376984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
377984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
378984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
379984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
380984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
381984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
382984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
383984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
384984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
385984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
386984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\QtGuiVBox4.dll)
387984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\QtGuiVBox4.dll
388984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
389984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
390984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
391984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
392984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
393984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
394984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
395984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
396984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\QtCoreVBox4.dll)
397984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\QtCoreVBox4.dll
398984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
399984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll' [rcNtRedir=0xc0150008]
400984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll)
401984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll
402984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
403984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll' [rcNtRedir=0xc0150008]
404984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
405984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll)
406984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll
407984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
408984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\vboxrt.dll' [rcNtRedir=0xc0150008]
409984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
410984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
411984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
412984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
413984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll)
414984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll
415984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
416984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
417984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
418984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
419984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
420984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
421984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
422984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
423984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\opengl32.dll)
424984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\opengl32.dll
425984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
426984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
427984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
428984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
429984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume3\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
430984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
431984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'user32.dll'.
432984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'gdi32.dll'.
433984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'dciman32.dll'.
434984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\ddraw.dll)
435984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ddraw.dll
436984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
437984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
438984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
439984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
440984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
441984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\glu32.dll)
442984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\glu32.dll
443984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
444984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
445984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
446984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
447984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
448984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
449984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
450984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
451984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll)
452984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
453984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
454984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
455984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
456984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
457984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
458984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
459984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'nsi.dll'.
460984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
461984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll)
462984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
463984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
464984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll' [rcNtRedir=0xc0150008]
465984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll [lacks WinVerifyTrust]
466984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
467984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll' [rcNtRedir=0xc0150008]
468984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll [lacks WinVerifyTrust]
469984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
470984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll' [rcNtRedir=0xc0150008]
471984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll [lacks WinVerifyTrust]
472984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
473984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll' [rcNtRedir=0xc0150008]
474984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll [lacks WinVerifyTrust]
475984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
476984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll' [rcNtRedir=0xc0150008]
477984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll [lacks WinVerifyTrust]
478984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
479984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
480984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
481984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
482984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
483984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
484984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
485984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
486984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust]
487984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
488984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
489984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
490984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
491984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll' [rcNtRedir=0xc0150008]
492984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll [lacks WinVerifyTrust]
493984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
494984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll' [rcNtRedir=0xc0150008]
495984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll [lacks WinVerifyTrust]
496984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
497984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
498984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtCoreVBox4.dll [lacks WinVerifyTrust]
499984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
500984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
501984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
502984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
503984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
504984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
505984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
506984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
507984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
508984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
509984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
510984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust]
511984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
512984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume3\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
513984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
514984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'bcrypt.dll'.
515984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\winspool.drv)
516984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winspool.drv
517984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
518984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
519984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
520984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
521984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
522984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
523984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'msctf.dll'.
524984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll)
525984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll
526984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
527984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
528984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
529984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
530984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
531984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
532984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'user32.dll'.
533984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'shlwapi.dll'.
534984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'gdi32.dll'.
535984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'comctl32.dll'.
536984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'shell32.dll'.
537984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\comdlg32.dll)
538984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
539984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
540984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
541984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
542984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
543984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll' [rcNtRedir=0xc0150008]
544984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll [lacks WinVerifyTrust]
545984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
546984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
547984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtCoreVBox4.dll [lacks WinVerifyTrust]
548984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
549984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
550984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtGuiVBox4.dll [lacks WinVerifyTrust]
551984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
552984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
553984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
554984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
555984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
556984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
557984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
558984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
559984.1104: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
560984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
561984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
562984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
563984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
564984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
565984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
566984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
567984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
568984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
569984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
570984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
571984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
572984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
573984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
574984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
575984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
576984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
577984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
578984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
579984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
580984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
581984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
582984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
583984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
584984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
585984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
586984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
587984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
588984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
589984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
590984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll)
591984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll
592984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
593984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
594984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
595984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
596984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
597984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
598984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
599984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
600984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
601984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
602984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
603984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
604984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
605984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
606984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
607984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
608984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
609984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
610984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
611984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
612984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
613984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
614984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
615984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
616984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
617984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
618984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
619984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
620984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
621984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
622984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'devobj.dll'.
623984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmmbase.dll)
624984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmmbase.dll
625984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
626984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
627984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
628984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'cfgmgr32.dll'.
629984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll)
630984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll
631984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
632984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
633984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
634984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
635984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
636984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
637984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
638984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
639984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
640984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
641984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
642984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
643984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
644984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
645984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
646984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
647984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
648984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
649984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
650984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
651984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\comctl32.dll)
652984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comctl32.dll
653984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
654984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
655984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
656984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
657984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
658984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
659984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'gdi32.dll'.
660984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'user32.dll'.
661984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll)
662984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
663984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
664984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
665984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
666984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
667984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
668984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
669984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
670984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume3\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
671984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
672984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
673984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'.
674984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'imm32.dll'.
675984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll)
676984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll
677984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
678984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
679984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
680984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
681984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
682984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll)
683984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
684984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
685984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
686984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
687984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
688984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
689984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
690984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
691984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
692984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll)
693984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nsi.dll
694984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
695984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
696984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
697984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
698984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
699984.1104: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
700984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
701984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
702984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
703984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
704984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume3\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
705984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
706984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
707984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
708984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dciman32.dll)
709984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dciman32.dll
710984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
711984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
712984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
713984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
714984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
715984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
716984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
717984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
718984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
719984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
720984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
721984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
722984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
723984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
724984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
725984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
726984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
727984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
728984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
729984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
730984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
731984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
732984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
733984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
734984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
735984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
736984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
737984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
738984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
739984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
740984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
741984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
742984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
743984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
744984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
745984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
746984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
747984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
748984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
749984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
750984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
751984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
752984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
753984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
754984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
755984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
756984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
757984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
758984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
759984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
760984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll)
761984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
762984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
763984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
764984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
765984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
766984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.dll [lacks WinVerifyTrust]
767984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
768984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
769984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll [lacks WinVerifyTrust]
770984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll [lacks WinVerifyTrust]
771984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtCoreVBox4.dll [lacks WinVerifyTrust]
772984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtGuiVBox4.dll [lacks WinVerifyTrust]
773984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtOpenGLVBox4.dll [lacks WinVerifyTrust]
774984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
775984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [lacks WinVerifyTrust]
776984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ddraw.dll [lacks WinVerifyTrust]
777984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
778984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
779984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
780984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll)
781984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll
782984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\winspool.drv [lacks WinVerifyTrust]
783984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [lacks WinVerifyTrust]
784984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dciman32.dll [lacks WinVerifyTrust]
785984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
786984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll [lacks WinVerifyTrust]
787984.1104: supR3HardenedDllNotificationCallback: load 00007ff8515f0000 LB 0x0009d000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
788984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
789984.1104: supR3HardenedDllNotificationCallback: load 00007ff851690000 LB 0x00126000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
790984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
791984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f9c0000 LB 0x0005b000 C:\Windows\system32\sechost.dll [fFlags=0x0]
792984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust]
793984.1104: supR3HardenedDllNotificationCallback: load 00007ff8518a0000 LB 0x000a6000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
794984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
795984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f340000 LB 0x0014e000 C:\Windows\system32\USER32.dll [fFlags=0x0]
796984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
797984.1104: supR3HardenedDllNotificationCallback: load 00007ff851460000 LB 0x00186000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
798984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
799984.1104: supR3HardenedDllNotificationCallback: load 00007ff846000000 LB 0x00008000 C:\Windows\SYSTEM32\DCIMAN32.dll [fFlags=0x0]
800984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dciman32.dll [lacks WinVerifyTrust]
801984.1104: supR3HardenedDllNotificationCallback: load 00007ff8310f0000 LB 0x000f6000 C:\Windows\SYSTEM32\DDRAW.dll [fFlags=0x0]
802984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ddraw.dll [lacks WinVerifyTrust]
803984.1104: supR3HardenedDllNotificationCallback: load 00007ff833770000 LB 0x0002e000 C:\Windows\SYSTEM32\GLU32.dll [fFlags=0x0]
804984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [lacks WinVerifyTrust]
805984.1104: supR3HardenedDllNotificationCallback: load 00007ff8311f0000 LB 0x00128000 C:\Windows\SYSTEM32\OPENGL32.dll [fFlags=0x0]
806984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
807984.1104: supR3HardenedDllNotificationCallback: load 000000006ed60000 LB 0x000d2000 D:\aawinwinxxx\voox\MSVCR100.dll [fFlags=0x0]
808984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll [lacks WinVerifyTrust]
809984.1104: supR3HardenedDllNotificationCallback: load 000000006ecc0000 LB 0x00098000 D:\aawinwinxxx\voox\MSVCP100.dll [fFlags=0x0]
810984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll [lacks WinVerifyTrust]
811984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f1b0000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
812984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll [lacks WinVerifyTrust]
813984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f4a0000 LB 0x00069000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
814984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
815984.1104: supR3HardenedDllNotificationCallback: load 00007ff831be0000 LB 0x0050f000 D:\aawinwinxxx\voox\VBoxRT.dll [fFlags=0x0]
816984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
817984.1104: supR3HardenedDllNotificationCallback: load 00007ff84fa20000 LB 0x0027c000 C:\Windows\system32\combase.dll [fFlags=0x0]
818984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
819984.1104: supR3HardenedDllNotificationCallback: load 00007ff84fda0000 LB 0x00141000 C:\Windows\system32\ole32.dll [fFlags=0x0]
820984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust]
821984.1104: supR3HardenedDllNotificationCallback: load 000000006e9e0000 LB 0x002de000 D:\aawinwinxxx\voox\QtCoreVBox4.dll [fFlags=0x0]
822984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtCoreVBox4.dll [lacks WinVerifyTrust]
823984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e660000 LB 0x000b3000 C:\Windows\system32\shcore.dll [fFlags=0x0]
824984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
825984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'combase.dll'.
826984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll)
827984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll
828984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f740000 LB 0x00051000 C:\Windows\system32\shlwapi.dll [fFlags=0x0]
829984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
830984.1104: supR3HardenedDllNotificationCallback: load 00007ff847120000 LB 0x000aa000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\COMCTL32.dll [fFlags=0x0]
831984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll [lacks WinVerifyTrust]
832984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e510000 LB 0x0000f000 C:\Windows\system32\kernel.appcore.dll [fFlags=0x0]
833984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcrt.dll'.
834984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
835984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll)
836984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll
837984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e560000 LB 0x0004a000 C:\Windows\system32\powrprof.dll [fFlags=0x0]
838984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
839984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
840984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\powrprof.dll)
841984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\powrprof.dll
842984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e520000 LB 0x00013000 C:\Windows\system32\profapi.dll [fFlags=0x0]
843984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll)
844984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll
845984.1104: supR3HardenedDllNotificationCallback: load 00007ff84eb20000 LB 0x00628000 C:\Windows\system32\windows.storage.dll [fFlags=0x0]
846984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
847984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
848984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'.
849984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #64 'profapi.dll'.
850984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\windows.storage.dll)
851984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\windows.storage.dll
852984.1104: supR3HardenedDllNotificationCallback: load 00007ff84fef0000 LB 0x01568000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
853984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
854984.1104: supR3HardenedDllNotificationCallback: load 00007ff8517c0000 LB 0x000d7000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
855984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\comdlg32.dll [lacks WinVerifyTrust]
856984.1104: supR3HardenedDllNotificationCallback: load 00007ff84fce0000 LB 0x000be000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
857984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
858984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f5e0000 LB 0x0015c000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
859984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll [lacks WinVerifyTrust]
860984.1104: supR3HardenedDllNotificationCallback: load 00007ff84fca0000 LB 0x00036000 C:\Windows\system32\IMM32.dll [fFlags=0x0]
861984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
862984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e8f0000 LB 0x00044000 C:\Windows\system32\cfgmgr32.dll [fFlags=0x0]
863984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
864984.1104: supR3HardenedDllNotificationCallback: load 00007ff84ce20000 LB 0x00027000 C:\Windows\SYSTEM32\DEVOBJ.dll [fFlags=0x0]
865984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll [lacks WinVerifyTrust]
866984.1104: supR3HardenedDllNotificationCallback: load 00007ff84c700000 LB 0x0002c000 C:\Windows\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
867984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [lacks WinVerifyTrust]
868984.1104: supR3HardenedDllNotificationCallback: load 00007ff84c840000 LB 0x00023000 C:\Windows\SYSTEM32\WINMM.dll [fFlags=0x0]
869984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
870984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e3a0000 LB 0x00028000 C:\Windows\SYSTEM32\bcrypt.dll [fFlags=0x0]
871984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
872984.1104: supR3HardenedDllNotificationCallback: load 00007ff847090000 LB 0x00084000 C:\Windows\SYSTEM32\WINSPOOL.DRV [fFlags=0x0]
873984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\winspool.drv [lacks WinVerifyTrust]
874984.1104: supR3HardenedDllNotificationCallback: load 000000006e070000 LB 0x0096c000 D:\aawinwinxxx\voox\QtGuiVBox4.dll [fFlags=0x0]
875984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtGuiVBox4.dll [lacks WinVerifyTrust]
876984.1104: supR3HardenedDllNotificationCallback: load 000000006df90000 LB 0x000dc000 D:\aawinwinxxx\voox\QtOpenGLVBox4.dll [fFlags=0x0]
877984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtOpenGLVBox4.dll [lacks WinVerifyTrust]
878984.1104: supR3HardenedDllNotificationCallback: load 00007ff831320000 LB 0x008c0000 D:\aawinwinxxx\voox\VirtualBox.dll [fFlags=0x0]
879984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.dll [lacks WinVerifyTrust]
880984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
881984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
882984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
883984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust]
884984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
885984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
886984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
887984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
888984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
889984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
890984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
891984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
892984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
893984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
894984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
895984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
896984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
897984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
898984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
899984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
900984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
901984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
902984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
903984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
904984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
905984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
906984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
907984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
908984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
909984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
910984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
911984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
912984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
913984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
914984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
915984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
916984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
917984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
918984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
919984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
920984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
921984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84f230000 'C:\Windows\system32\kernel32.dll'
922984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
923984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
924984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
925984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
926984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
927984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
928984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
929984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
930984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
931984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
932984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
933984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
934984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
935984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
936984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
937984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
938984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
939984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
940984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
941984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
942984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
943984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
944984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
945984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
946984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
947984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
948984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
949984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
950984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
951984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
952984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
953984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
954984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
955984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
956984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
957984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
958984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
959984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
960984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
961984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
962984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
963984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
964984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
965984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
966984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
967984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
968984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
969984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
970984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
971984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
972984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
973984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
974984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
975984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
976984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
977984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
978984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
979984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
980984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
981984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
982984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
983984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
984984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
985984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
986984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
987984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
988984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
989984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
990984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
991984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
992984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust]
993984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll'
994984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
995984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
996984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84fca0000 'C:\Windows\system32\imm32.dll'
997984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831320000 'D:\aawinwinxxx\voox\VirtualBox.dll'
998984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
999984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1000984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84c840000 'C:\Windows\system32\winmm.dll'
1001984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1002984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'.
1003984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'user32.dll'.
1004984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll)
1005984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
1006984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1007984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1008984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1009984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1010984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1011984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1012984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1013984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1014984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1015984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
1016984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
1017984.1104: supR3HardenedDllNotificationCallback: load 00007ff84cd80000 LB 0x00096000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
1018984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
1019984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84cd80000 'C:\Windows\system32\uxtheme.dll'
1020984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1021984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'user32.dll'.
1022984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'gdi32.dll'.
1023984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dwmapi.dll)
1024984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
1025984.1104: supR3HardenedDllNotificationCallback: load 00007ff84c480000 LB 0x00022000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
1026984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll [lacks WinVerifyTrust]
1027984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll)
1028984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
1029984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e330000 LB 0x0006b000 C:\Windows\SYSTEM32\bcryptPrimitives.dll [fFlags=0x0]
1030984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
1031984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1032984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1033984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1034984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1035984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1036984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1037984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1038984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1039984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1040984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1041984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1042984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84fef0000 'C:\Windows\system32\shell32.dll'
1043984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1044984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1045984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84f230000 'C:\Windows\system32\kernel32.dll'
1046984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
1047984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1048984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84cd80000 'C:\Windows\system32\uxtheme.dll'
1049984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
1050984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1051984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84cd80000 'C:\Windows\system32\uxtheme.dll'
1052984.1104: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
1053984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1054984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
1055984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1056984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84f340000 'C:\Windows\system32\user32.dll'
1057984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
1058984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1059984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84cd80000 'C:\Windows\system32\uxtheme.dll'
1060984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1061984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84f340000 'C:\Windows\system32\user32.dll'
1062984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1063984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff851460000 'C:\Windows\system32\gdi32.dll'
1064984.1104: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
1065984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1066984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
1067984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1068984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84f340000 'C:\Windows\system32\user32.dll'
1069984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
1070984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\SYSTEM32\WINMM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1071984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84c840000 'C:\Windows\SYSTEM32\WINMM.dll'
1072984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1073984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff851690000 'C:\Windows\system32\rpcrt4.dll'
1074984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll [lacks WinVerifyTrust]
1075984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
1076984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84f5e0000 'C:\Windows\system32\MSCTF.dll'
1077984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1078984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
1079984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'devobj.dll'.
1080984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'propsys.dll'.
1081984.1fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll)
1082984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
1083984.1104: supR3HardenedMonitor_LdrLoadDll: 'C:\Windows\system32\comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll' [redir]
1084984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll [lacks WinVerifyTrust]
1085984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
1086984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume3\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
1087984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1088984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
1089984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
1090984.1fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\propsys.dll)
1091984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\propsys.dll
1092984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff84c2d0000 LB 0x00183000 C:\Windows\SYSTEM32\PROPSYS.dll [fFlags=0x0]
1093984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll [lacks WinVerifyTrust]
1094984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff847760000 LB 0x00072000 C:\Windows\SYSTEM32\MMDevAPI.DLL [fFlags=0x0]
1095984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
1096984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1097984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'ksuser.dll'.
1098984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'.
1099984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'winmm.dll'.
1100984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'avrt.dll'.
1101984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'mmdevapi.dll'.
1102984.1fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\wdmaud.drv)
1103984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
1104984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
1105984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
1106984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
1107984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
1108984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
1109984.1fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\avrt.dll)
1110984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\avrt.dll
1111984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1112984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1113984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
1114984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1115984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1116984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1117984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
1118984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume3\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
1119984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1120984.1fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ksuser.dll)
1121984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ksuser.dll
1122984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1123984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1124984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1125984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1126984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1127984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1128984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1129984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1130984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
1131984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1132984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1133984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1134984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1135984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1136984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1137984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1138984.1fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
1139984.1fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll [lacks WinVerifyTrust]
1140984.1fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll [lacks WinVerifyTrust]
1141984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff846e30000 LB 0x00008000 C:\Windows\SYSTEM32\ksuser.dll [fFlags=0x0]
1142984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll [lacks WinVerifyTrust]
1143984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff846e20000 LB 0x0000b000 C:\Windows\SYSTEM32\AVRT.dll [fFlags=0x0]
1144984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll [lacks WinVerifyTrust]
1145984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff848510000 LB 0x00041000 C:\Windows\system32\wdmaud.drv [fFlags=0x0]
1146984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
1147984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv'
1148984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
1149984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1150984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv'
1151984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
1152984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1153984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff847760000 'C:\Windows\system32\MMDEVAPI.DLL'
1154984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1155984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
1156984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
1157984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\propsys.dll)
1158984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
1159984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
1160984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll [lacks WinVerifyTrust]
1161984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1162984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1163984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1164984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1165984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1166984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1167984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1168984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1169984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1170984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1171984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1172984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
1173984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1174984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
1175984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1176984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1177984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1178984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv'
1179984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll (Input=C:\Windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1180984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff847120000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll'
1181984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
1182984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1183984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv'
1184984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
1185984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1186984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv'
1187984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1188984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
1189984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
1190984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'mmdevapi.dll'.
1191984.1fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\AudioSes.dll)
1192984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
1193984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
1194984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
1195984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
1196984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1197984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1198984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
1199984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1200984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1201984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1202984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1203984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1204984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1205984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1206984.1fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll [lacks WinVerifyTrust]
1207984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1208984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'combase.dll'.
1209984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
1210984.1fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinTypes.dll)
1211984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinTypes.dll
1212984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff84b810000 LB 0x00131000 C:\Windows\SYSTEM32\wintypes.dll [fFlags=0x0]
1213984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTypes.dll [lacks WinVerifyTrust]
1214984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff841a50000 LB 0x00085000 C:\Windows\system32\AUDIOSES.DLL [fFlags=0x0]
1215984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll [lacks WinVerifyTrust]
1216984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff841a50000 'C:\Windows\system32\AUDIOSES.DLL'
1217984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
1218984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1219984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1220984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1221984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1222984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1223984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
1224984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1225984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1226984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1227984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1228984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv'
1229984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
1230984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1231984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv'
1232984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
1233984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv'
1234984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
1235984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv'
1236984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
1237984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv'
1238984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
1239984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv'
1240984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1241984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'.
1242984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msacm32.dll'.
1243984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'user32.dll'.
1244984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmm.dll'.
1245984.1fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\msacm32.drv)
1246984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.drv
1247984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1248984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1249984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
1250984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1251984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1252984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1253984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
1254984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
1255984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1256984.1fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msacm32.dll)
1257984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.dll
1258984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
1259984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
1260984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
1261984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1262984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1263984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1264984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1265984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1266984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1267984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1268984.1fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
1269984.1fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll [lacks WinVerifyTrust]
1270984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff848620000 LB 0x0001c000 C:\Windows\SYSTEM32\MSACM32.dll [fFlags=0x0]
1271984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll [lacks WinVerifyTrust]
1272984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff84be60000 LB 0x0000c000 C:\Windows\system32\msacm32.drv [fFlags=0x0]
1273984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
1274984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv'
1275984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
1276984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1277984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv'
1278984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
1279984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1280984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv'
1281984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
1282984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1283984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv'
1284984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
1285984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1286984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv'
1287984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
1288984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1289984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv'
1290984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
1291984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1292984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv'
1293984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
1294984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv'
1295984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
1296984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv'
1297984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
1298984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv'
1299984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1300984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'winmm.dll'.
1301984.1fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\midimap.dll)
1302984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\midimap.dll
1303984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1304984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1305984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
1306984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1307984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1308984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1309984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1310984.1fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
1311984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff84af80000 LB 0x0000a000 C:\Windows\system32\midimap.dll [fFlags=0x0]
1312984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
1313984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84af80000 'C:\Windows\system32\midimap.dll'
1314984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
1315984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1316984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84af80000 'C:\Windows\system32\midimap.dll'
1317984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
1318984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1319984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84af80000 'C:\Windows\system32\midimap.dll'
1320984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
1321984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1322984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84af80000 'C:\Windows\system32\midimap.dll'
1323984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust]
1324984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
1325984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84fda0000 'C:\Windows\system32\ole32.dll'
1326984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f530000 LB 0x000a5000 C:\Windows\system32\clbcatq.dll [fFlags=0x0]
1327984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1328984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
1329984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll)
1330984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
1331984.1104: \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime: Owner is administrators group.
1332984.1104: supHardenedWinVerifyImageByHandle: -> -23021 (\Device\HarddiskVolume3\Windows\System32\SogouTSF.ime)
1333984.1104: Error (rc=0):
1334984.1104: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime: None of the 1 path(s) have a trust anchor.: \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime
1335984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime
1336984.1104: Error (rc=0):
1337984.1104: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\sogoutsf.ime' (C:\Windows\system32\sogoutsf.ime): rcNt=0xc0000190
1338984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\sogoutsf.ime'
1339984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -23021 (0xffffa613)) on \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime [lacks WinVerifyTrust]
1340984.1104: Error (rc=0):
1341984.1104: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 cHits=1 \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime
1342984.1104: Error (rc=0):
1343984.1104: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\sogoutsf.ime' (C:\Windows\system32\sogoutsf.ime): rcNt=0xc0000190
1344984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\sogoutsf.ime'
1345984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -23021 (0xffffa613)) on \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime [lacks WinVerifyTrust]
1346984.1104: Error (rc=0):
1347984.1104: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 cHits=2 \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime
1348984.1104: Error (rc=0):
1349984.1104: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\sogoutsf.ime' (C:\Windows\system32\sogoutsf.ime): rcNt=0xc0000190
1350984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\sogoutsf.ime'
1351984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -23021 (0xffffa613)) on \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime [lacks WinVerifyTrust]
1352984.1104: Error (rc=0):
1353984.1104: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 cHits=3 \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime
1354984.1104: Error (rc=0):
1355984.1104: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\sogoutsf.ime' (C:\Windows\system32\sogoutsf.ime): rcNt=0xc0000190
1356984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\sogoutsf.ime'
1357f04.b6c: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 37490 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy