VirtualBox

Ticket #15827: VBoxHardening.4.log

File VBoxHardening.4.log, 197.7 KB (added by vendan, 7 years ago)
Line 
126e8.3328: Log file opened: 5.1.26r117224 g_hStartupLog=00000000000001a0 g_uNtVerCombined=0xa03ad700
226e8.3328: \SystemRoot\System32\ntdll.dll:
326e8.3328: CreationTime: 2017-07-11T05:40:11.983760300Z
426e8.3328: LastWriteTime: 2017-07-11T05:40:11.983760300Z
526e8.3328: ChangeTime: 2017-08-11T04:13:32.223467500Z
626e8.3328: FileAttributes: 0x20
726e8.3328: Size: 0x1d7450
826e8.3328: NT Headers: 0xe0
926e8.3328: Timestamp: 0xa329d3a8
1026e8.3328: Machine: 0x8664 - amd64
1126e8.3328: Timestamp: 0xa329d3a8
1226e8.3328: Image Version: 10.0
1326e8.3328: SizeOfImage: 0x1db000 (1945600)
1426e8.3328: Resource Dir: 0x170000 LB 0x69398
1526e8.3328: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1626e8.3328: [Raw version resource data: 0x1700f0 LB 0x380, codepage 0x0 (reserved 0x0)]
1726e8.3328: ProductName: Microsoft® Windows® Operating System
1826e8.3328: ProductVersion: 10.0.15063.447
1926e8.3328: FileVersion: 10.0.15063.447 (WinBuild.160101.0800)
2026e8.3328: FileDescription: NT Layer DLL
2126e8.3328: \SystemRoot\System32\kernel32.dll:
2226e8.3328: CreationTime: 2017-07-11T05:40:08.546207000Z
2326e8.3328: LastWriteTime: 2017-07-11T05:40:08.546207000Z
2426e8.3328: ChangeTime: 2017-08-11T04:13:32.223467500Z
2526e8.3328: FileAttributes: 0x20
2626e8.3328: Size: 0xad068
2726e8.3328: NT Headers: 0xf8
2826e8.3328: Timestamp: 0xf5fa43df
2926e8.3328: Machine: 0x8664 - amd64
3026e8.3328: Timestamp: 0xf5fa43df
3126e8.3328: Image Version: 10.0
3226e8.3328: SizeOfImage: 0xae000 (712704)
3326e8.3328: Resource Dir: 0xac000 LB 0x520
3426e8.3328: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3526e8.3328: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
3626e8.3328: ProductName: Microsoft® Windows® Operating System
3726e8.3328: ProductVersion: 10.0.15063.296
3826e8.3328: FileVersion: 10.0.15063.296 (WinBuild.160101.0800)
3926e8.3328: FileDescription: Windows NT BASE API Client DLL
4026e8.3328: \SystemRoot\System32\KernelBase.dll:
4126e8.3328: CreationTime: 2017-08-11T04:13:22.143335700Z
4226e8.3328: LastWriteTime: 2017-08-11T04:13:22.143335700Z
4326e8.3328: ChangeTime: 2017-08-11T00:16:19.295229400Z
4426e8.3328: FileAttributes: 0x20
4526e8.3328: Size: 0x249df0
4626e8.3328: NT Headers: 0x100
4726e8.3328: Timestamp: 0x5405b5
4826e8.3328: Machine: 0x8664 - amd64
4926e8.3328: Timestamp: 0x5405b5
5026e8.3328: Image Version: 10.0
5126e8.3328: SizeOfImage: 0x249000 (2396160)
5226e8.3328: Resource Dir: 0x22a000 LB 0x548
5326e8.3328: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5426e8.3328: [Raw version resource data: 0x22a0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
5526e8.3328: ProductName: Microsoft® Windows® Operating System
5626e8.3328: ProductVersion: 10.0.15063.502
5726e8.3328: FileVersion: 10.0.15063.502 (WinBuild.160101.0800)
5826e8.3328: FileDescription: Windows NT BASE API Client DLL
5926e8.3328: \SystemRoot\System32\apisetschema.dll:
6026e8.3328: CreationTime: 2017-03-18T20:57:35.373527900Z
6126e8.3328: LastWriteTime: 2017-03-18T20:57:35.373527900Z
6226e8.3328: ChangeTime: 2017-08-11T04:05:28.893106200Z
6326e8.3328: FileAttributes: 0x20
6426e8.3328: Size: 0x1ada0
6526e8.3328: NT Headers: 0xc0
6626e8.3328: Timestamp: 0x76544b2
6726e8.3328: Machine: 0x8664 - amd64
6826e8.3328: Timestamp: 0x76544b2
6926e8.3328: Image Version: 10.0
7026e8.3328: SizeOfImage: 0x1b000 (110592)
7126e8.3328: Resource Dir: 0x1a000 LB 0x408
7226e8.3328: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
7326e8.3328: [Raw version resource data: 0x1a060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
7426e8.3328: ProductName: Microsoft® Windows® Operating System
7526e8.3328: ProductVersion: 10.0.15063.0
7626e8.3328: FileVersion: 10.0.15063.0 (WinBuild.160101.0800)
7726e8.3328: FileDescription: ApiSet Schema DLL
7826e8.3328: Found driver SysPlant (0x1)
7926e8.3328: Found driver SymNetS (0x2)
8026e8.3328: Found driver SRTSPX (0x2)
8126e8.3328: Found driver SymEvent (0x2)
8226e8.3328: Found driver SymIRON (0x2)
8326e8.3328: supR3HardenedWinFindAdversaries: 0x10003
8426e8.3328: \SystemRoot\System32\drivers\SysPlant.sys:
8526e8.3328: CreationTime: 2017-08-10T13:47:29.069850400Z
8626e8.3328: LastWriteTime: 2017-08-10T13:47:29.101103900Z
8726e8.3328: ChangeTime: 2017-08-11T00:20:06.858234300Z
8826e8.3328: FileAttributes: 0x20
8926e8.3328: Size: 0x2fd38
9026e8.3328: NT Headers: 0xf0
9126e8.3328: Timestamp: 0x58fbb6da
9226e8.3328: Machine: 0x8664 - amd64
9326e8.3328: Timestamp: 0x58fbb6da
9426e8.3328: Image Version: 5.0
9526e8.3328: SizeOfImage: 0x2f000 (192512)
9626e8.3328: Resource Dir: 0x2d000 LB 0x49c
9726e8.3328: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
9826e8.3328: [Raw version resource data: 0x2d0b8 LB 0x3e4, codepage 0x4e4 (reserved 0x0)]
9926e8.3328: ProductName: Symantec CMC Firewall
10026e8.3328: ProductVersion: 14.0.2395.0200
10126e8.3328: FileVersion: 14.0.2395.0200
10226e8.3328: FileDescription: Symantec CMC Firewall SysPlant
10326e8.3328: \SystemRoot\System32\sysfer.dll:
10426e8.3328: CreationTime: 2017-08-10T13:47:29.038596900Z
10526e8.3328: LastWriteTime: 2017-08-10T13:47:29.069850400Z
10626e8.3328: ChangeTime: 2017-08-11T00:41:40.828923800Z
10726e8.3328: FileAttributes: 0x20
10826e8.3328: Size: 0x7aae8
10926e8.3328: NT Headers: 0x108
11026e8.3328: Timestamp: 0x58fbb6f1
11126e8.3328: Machine: 0x8664 - amd64
11226e8.3328: Timestamp: 0x58fbb6f1
11326e8.3328: Image Version: 0.0
11426e8.3328: SizeOfImage: 0x8e000 (581632)
11526e8.3328: Resource Dir: 0x8a000 LB 0x658
11626e8.3328: [Version info resource found at 0xc8! (ID/Name: 0x1; SubID/SubName: 0x409)]
11726e8.3328: [Raw version resource data: 0x8a100 LB 0x3d8, codepage 0x4e4 (reserved 0x0)]
11826e8.3328: ProductName: Symantec CMC Firewall
11926e8.3328: ProductVersion: 14.0.2395.0200
12026e8.3328: FileVersion: 14.0.2395.0200
12126e8.3328: FileDescription: Symantec CMC Firewall sysfer
12226e8.3328: \SystemRoot\System32\drivers\symevent64x86.sys:
12326e8.3328: CreationTime: 2017-08-10T13:48:30.395402700Z
12426e8.3328: LastWriteTime: 2017-08-10T13:48:30.207852100Z
12526e8.3328: ChangeTime: 2017-08-11T00:20:06.858234300Z
12626e8.3328: FileAttributes: 0x20
12726e8.3328: Size: 0x190d0
12826e8.3328: NT Headers: 0xe0
12926e8.3328: Timestamp: 0x584f629e
13026e8.3328: Machine: 0x8664 - amd64
13126e8.3328: Timestamp: 0x584f629e
13226e8.3328: Image Version: 6.2
13326e8.3328: SizeOfImage: 0x23000 (143360)
13426e8.3328: Resource Dir: 0x21000 LB 0x3c8
13526e8.3328: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
13626e8.3328: [Raw version resource data: 0x210b8 LB 0x310, codepage 0x4e4 (reserved 0x0)]
13726e8.3328: ProductName: SYMEVENT
13826e8.3328: ProductVersion: 14.0.4.16
13926e8.3328: FileVersion: 14.0.4.16
14026e8.3328: FileDescription: Symantec Event Library
14126e8.3328: \SystemRoot\System32\drivers\privman.sys:
14226e8.3328: CreationTime: 2017-08-10T13:42:45.152311700Z
14326e8.3328: LastWriteTime: 2017-06-22T19:55:22.000000000Z
14426e8.3328: ChangeTime: 2017-08-11T00:20:48.288224500Z
14526e8.3328: FileAttributes: 0x20
14626e8.3328: Size: 0x10630
14726e8.3328: NT Headers: 0x100
14826e8.3328: Timestamp: 0x594be0d5
14926e8.3328: Machine: 0x8664 - amd64
15026e8.3328: Timestamp: 0x594be0d5
15126e8.3328: Image Version: 6.1
15226e8.3328: SizeOfImage: 0xf000 (61440)
15326e8.3328: Resource Dir: 0xb000 LB 0x2fa8
15426e8.3328: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x0)]
15526e8.3328: [Raw version resource data: 0xb0a0 LB 0x33c, codepage 0x0 (reserved 0x0)]
15626e8.3328: ProductName: PowerBroker for Windows
15726e8.3328: ProductVersion: 7.3.0.0
15826e8.3328: FileVersion: 7.3.0.0
15926e8.3328: FileDescription: PowerBroker for Windows
16026e8.3328: \SystemRoot\System32\privman64.dll:
16126e8.3328: CreationTime: 2017-06-22T17:52:44.000000000Z
16226e8.3328: LastWriteTime: 2017-06-22T17:52:44.000000000Z
16326e8.3328: ChangeTime: 2017-08-11T00:20:48.288224500Z
16426e8.3328: FileAttributes: 0x20
16526e8.3328: Size: 0x39100
16626e8.3328: NT Headers: 0xf8
16726e8.3328: Timestamp: 0x594be02a
16826e8.3328: Machine: 0x8664 - amd64
16926e8.3328: Timestamp: 0x594be02a
17026e8.3328: Image Version: 0.0
17126e8.3328: SizeOfImage: 0x3a000 (237568)
17226e8.3328: Resource Dir: 0x38000 LB 0x578
17326e8.3328: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x0)]
17426e8.3328: [Raw version resource data: 0x380a0 LB 0x37c, codepage 0x4e4 (reserved 0x0)]
17526e8.3328: ProductName: PowerBroker for Windows
17626e8.3328: ProductVersion: 7.3.0.0
17726e8.3328: FileVersion: 7.3.0.0
17826e8.3328: FileDescription: BeyondTrust PowerBroker for Windows DLL
17926e8.3328: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
18026e8.3328: Calling main()
18126e8.3328: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
18226e8.3328: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
18326e8.3328: SUPR3HardenedMain: Respawn #1
18426e8.3328: System32: \Device\HarddiskVolume4\Windows\System32
18526e8.3328: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
18626e8.3328: KnownDllPath: C:\WINDOWS\System32
18726e8.3328: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
18826e8.3328: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
18926e8.3328: supR3HardNtEnableThreadCreation:
19026e8.3328: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffefc819ac0 pvNtTerminateThread=00007ffefc845df0
19126e8.3328: supR3HardenedWinDoReSpawn(1): New child 2ab4.3454 [kernel32].
19226e8.3328: supR3HardNtChildGatherData: PebBaseAddress=0000000000922000 cbPeb=0x388
19326e8.3328: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffefc7a0000 uNtDllChildAddr=00007ffefc7a0000
19426e8.3328: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffefc819ac0
19526e8.3328: supR3HardenedWinSetupChildInit: Start child.
19626e8.3328: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
19726e8.3328: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 61 sleeps
19826e8.3328: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
19926e8.3328: *0000000000000000-000000000069ffff 0x0001/0x0000 0x0000000
20026e8.3328: *00000000006a0000-00000000006bffff 0x0004/0x0004 0x0020000
20126e8.3328: *00000000006c0000-00000000006d7fff 0x0002/0x0002 0x0040000
20226e8.3328: 00000000006d8000-00000000006dffff 0x0001/0x0000 0x0000000
20326e8.3328: *00000000006e0000-00000000007dafff 0x0000/0x0004 0x0020000
20426e8.3328: 00000000007db000-00000000007ddfff 0x0104/0x0004 0x0020000
20526e8.3328: 00000000007de000-00000000007dffff 0x0004/0x0004 0x0020000
20626e8.3328: *00000000007e0000-00000000007e3fff 0x0002/0x0002 0x0040000
20726e8.3328: 00000000007e4000-00000000007effff 0x0001/0x0000 0x0000000
20826e8.3328: *00000000007f0000-00000000007f0fff 0x0004/0x0004 0x0020000
20926e8.3328: 00000000007f1000-00000000007fffff 0x0001/0x0000 0x0000000
21026e8.3328: *0000000000800000-0000000000921fff 0x0000/0x0004 0x0020000
21126e8.3328: 0000000000922000-0000000000924fff 0x0004/0x0004 0x0020000
21226e8.3328: 0000000000925000-00000000009fffff 0x0000/0x0004 0x0020000
21326e8.3328: 0000000000a00000-000000007ffdffff 0x0001/0x0000 0x0000000
21426e8.3328: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
21526e8.3328: *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
21626e8.3328: 000000007fff0000-00007ff7a7ecffff 0x0001/0x0000 0x0000000
21726e8.3328: *00007ff7a7ed0000-00007ff7a7ef2fff 0x0002/0x0002 0x0040000
21826e8.3328: 00007ff7a7ef3000-00007ff7a7f6ffff 0x0001/0x0000 0x0000000
21926e8.3328: *00007ff7a7f70000-00007ff7a7f70fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
22026e8.3328: 00007ff7a7f71000-00007ff7a7fe0fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
22126e8.3328: 00007ff7a7fe1000-00007ff7a7fe1fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
22226e8.3328: 00007ff7a7fe2000-00007ff7a8027fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
22326e8.3328: 00007ff7a8028000-00007ff7a8028fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
22426e8.3328: 00007ff7a8029000-00007ff7a8029fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
22526e8.3328: 00007ff7a802a000-00007ff7a802efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
22626e8.3328: 00007ff7a802f000-00007ff7a802ffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
22726e8.3328: 00007ff7a8030000-00007ff7a8030fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
22826e8.3328: 00007ff7a8031000-00007ff7a8034fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
22926e8.3328: 00007ff7a8035000-00007ff7a807cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
23026e8.3328: 00007ff7a807d000-00007ff7a807ffff 0x0001/0x0000 0x0000000
23126e8.3328: *00007ff7a8080000-00007ff7a8080fff 0x0004/0x0004 0x0020000
23226e8.3328: 00007ff7a8081000-00007ffefc79ffff 0x0001/0x0000 0x0000000
23326e8.3328: *00007ffefc7a0000-00007ffefc7a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
23426e8.3328: 00007ffefc7a1000-00007ffefc8affff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
23526e8.3328: 00007ffefc8b0000-00007ffefc8f4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
23626e8.3328: 00007ffefc8f5000-00007ffefc8fcfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
23726e8.3328: 00007ffefc8fd000-00007ffefc90afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
23826e8.3328: 00007ffefc90b000-00007ffefc90bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
23926e8.3328: 00007ffefc90c000-00007ffefc90efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
24026e8.3328: 00007ffefc90f000-00007ffefc97afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
24126e8.3328: 00007ffefc97b000-00007ffffffdffff 0x0001/0x0000 0x0000000
24226e8.3328: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
24326e8.3328: VirtualBox.exe: timestamp 0x5979cfa2 (rc=VINF_SUCCESS)
24426e8.3328: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
24526e8.3328: VirtualBox.exe: Differences in section #0 (headers) between file and memory:
24626e8.3328: 00007ff7a7f70162 / 0x0000162: 00 != 11
24726e8.3328: 00007ff7a7f70164 / 0x0000164: 00 != 14
24826e8.3328: Restored 0x400 bytes of original file content at 00007ff7a7f70000
24926e8.3328: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
25026e8.3328: supR3HardNtChildPurify: cFixes=1 g_fSupAdversaries=0x10003
25126e8.3328: supR3HardNtChildPurify: Startup delay kludge #1/1: 520 ms, 61 sleeps
25226e8.3328: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
25326e8.3328: *0000000000000000-000000000069ffff 0x0001/0x0000 0x0000000
25426e8.3328: *00000000006a0000-00000000006bffff 0x0004/0x0004 0x0020000
25526e8.3328: *00000000006c0000-00000000006d7fff 0x0002/0x0002 0x0040000
25626e8.3328: 00000000006d8000-00000000006dffff 0x0001/0x0000 0x0000000
25726e8.3328: *00000000006e0000-00000000007dafff 0x0000/0x0004 0x0020000
25826e8.3328: 00000000007db000-00000000007ddfff 0x0104/0x0004 0x0020000
25926e8.3328: 00000000007de000-00000000007dffff 0x0004/0x0004 0x0020000
26026e8.3328: *00000000007e0000-00000000007e3fff 0x0002/0x0002 0x0040000
26126e8.3328: 00000000007e4000-00000000007effff 0x0001/0x0000 0x0000000
26226e8.3328: *00000000007f0000-00000000007f0fff 0x0004/0x0004 0x0020000
26326e8.3328: 00000000007f1000-00000000007fffff 0x0001/0x0000 0x0000000
26426e8.3328: *0000000000800000-0000000000921fff 0x0000/0x0004 0x0020000
26526e8.3328: 0000000000922000-0000000000924fff 0x0004/0x0004 0x0020000
26626e8.3328: 0000000000925000-00000000009fffff 0x0000/0x0004 0x0020000
26726e8.3328: 0000000000a00000-000000007ffdffff 0x0001/0x0000 0x0000000
26826e8.3328: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
26926e8.3328: *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
27026e8.3328: 000000007fff0000-00007ff7a7ecffff 0x0001/0x0000 0x0000000
27126e8.3328: *00007ff7a7ed0000-00007ff7a7ef2fff 0x0002/0x0002 0x0040000
27226e8.3328: 00007ff7a7ef3000-00007ff7a7f6ffff 0x0001/0x0000 0x0000000
27326e8.3328: *00007ff7a7f70000-00007ff7a7f70fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27426e8.3328: 00007ff7a7f71000-00007ff7a7fe0fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27526e8.3328: 00007ff7a7fe1000-00007ff7a7fe1fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27626e8.3328: 00007ff7a7fe2000-00007ff7a8027fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27726e8.3328: 00007ff7a8028000-00007ff7a8034fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27826e8.3328: 00007ff7a8035000-00007ff7a807cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
27926e8.3328: 00007ff7a807d000-00007ff7a807ffff 0x0001/0x0000 0x0000000
28026e8.3328: *00007ff7a8080000-00007ff7a8080fff 0x0004/0x0004 0x0020000
28126e8.3328: 00007ff7a8081000-00007ffefc79ffff 0x0001/0x0000 0x0000000
28226e8.3328: *00007ffefc7a0000-00007ffefc7a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28326e8.3328: 00007ffefc7a1000-00007ffefc8affff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28426e8.3328: 00007ffefc8b0000-00007ffefc8f4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28526e8.3328: 00007ffefc8f5000-00007ffefc8f8fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28626e8.3328: 00007ffefc8f9000-00007ffefc8fcfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28726e8.3328: 00007ffefc8fd000-00007ffefc90afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28826e8.3328: 00007ffefc90b000-00007ffefc90bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28926e8.3328: 00007ffefc90c000-00007ffefc90efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
29026e8.3328: 00007ffefc90f000-00007ffefc97afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
29126e8.3328: 00007ffefc97b000-00007ffffffdffff 0x0001/0x0000 0x0000000
29226e8.3328: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
29326e8.3328: supR3HardNtChildPurify: Done after 1072 ms and 1 fixes (loop #1).
2942ab4.3454: Log file opened: 5.1.26r117224 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa03ad700
2952ab4.3454: supR3HardenedVmProcessInit: uNtDllAddr=00007ffefc7a0000 g_uNtVerCombined=0xa03ad700
2962ab4.3454: ntdll.dll: timestamp 0xa329d3a8 (rc=VINF_SUCCESS)
29726e8.3328: supR3HardNtEnableThreadCreation:
2982ab4.3454: New simple heap: #1 0000000000b00000 LB 0x400000 (for 1945600 allocation)
2992ab4.3454: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
3002ab4.3454: System32: \Device\HarddiskVolume4\Windows\System32
3012ab4.3454: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
3022ab4.3454: KnownDllPath: C:\WINDOWS\System32
3032ab4.3454: supR3HardenedVmProcessInit: Opening vboxdrv stub...
3042ab4.3454: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
3052ab4.3454: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
3062ab4.3454: Registered Dll notification callback with NTDLL.
3072ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
3082ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
3092ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
3102ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef8e90000 LB 0x00249000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
3112ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
3122ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
3132ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffefbc60000 LB 0x000ae000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
3142ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3152ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbc60000 'C:\WINDOWS\System32\KERNEL32.DLL'
3162ab4.3454: supR3HardenedDllNotificationCallback: load 00007ff7a7f70000 LB 0x0010d000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
3172ab4.3454: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
3182ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
3192ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
3202ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'rpcrt4.dll'.
3212ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'version.dll'.
3222ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
3232ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
3242ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'shell32.dll'.
3252ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shlwapi.dll'.
3262ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'userenv.dll'.
3272ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\privman64.dll)
3282ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\privman64.dll
3292ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
3302ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume4\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
3312ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
3322ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'profapi.dll'.
3332ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\userenv.dll)
3342ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\userenv.dll
3352ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
3362ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
3372ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
3382ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'gdi32.dll'.
3392ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'user32.dll'.
3402ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll)
3412ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
3422ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
3432ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
3442ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3452ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #67 'user32.dll'.
3462ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #69 'gdi32.dll'.
3472ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shell32.dll)
3482ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shell32.dll
3492ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3502ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3512ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3522ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'.
3532ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
3542ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll)
3552ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll
3562ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3572ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3582ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
3592ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'gdi32.dll'.
3602ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll)
3612ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll
3622ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
3632ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume4\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
3642ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3652ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\version.dll)
3662ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\version.dll
3672ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3682ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3692ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
3702ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
3712ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3722ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3732ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll)
3742ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
3752ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
3762ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
3772ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll)
3782ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll
3792ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
3802ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
3812ab4.3454: '\Device\HarddiskVolume4\Windows\System32\win32u.dll' has no imports
3822ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\win32u.dll)
3832ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\win32u.dll
3842ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3852ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3862ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
3872ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
3882ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume4\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
3892ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
3902ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
3912ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
3922ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3932ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3942ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
3952ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
3962ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
3972ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
3982ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3992ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4002ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
4012ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4022ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4032ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4042ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4052ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4062ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
4072ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
4082ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
4092ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
4102ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4112ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4122ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4132ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
4142ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
4152ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\profapi.dll)
4162ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll
4172ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4182ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4192ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4202ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4212ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4222ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4232ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\privman64.dll (Input=privman64.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4242ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\privman64.dll [lacks WinVerifyTrust]
4252ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\version.dll [lacks WinVerifyTrust]
4262ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll [lacks WinVerifyTrust]
4272ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffefc5b0000 LB 0x00125000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
4282ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4292ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffefbd10000 LB 0x0009d000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
4302ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4312ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef8a00000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\VERSION.dll [fFlags=0x0]
4322ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\version.dll [lacks WinVerifyTrust]
4332ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef97e0000 LB 0x0001e000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0]
4342ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
4352ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef8d90000 LB 0x000f6000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
4362ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll)
4372ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ucrtbase.dll
4382ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef9a90000 LB 0x0009a000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0]
4392ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll)
4402ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
4412ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef9800000 LB 0x00188000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0]
4422ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
4432ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'gdi32.dll'.
4442ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'user32.dll'.
4452ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'win32u.dll'.
4462ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32full.dll)
4472ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32full.dll
4482ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef9dd0000 LB 0x00027000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0]
4492ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
4502ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffefc340000 LB 0x0014a000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0]
4512ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
4522ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffefbdc0000 LB 0x00059000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
4532ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
4542ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffefc4f0000 LB 0x000a1000 C:\WINDOWS\System32\ADVAPI32.dll [fFlags=0x0]
4552ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
4562ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef9a40000 LB 0x00049000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0]
4572ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll)
4582ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
4592ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef8d20000 LB 0x0006a000 C:\WINDOWS\System32\bcryptPrimitives.dll [fFlags=0x0]
4602ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll)
4612ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
4622ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffefb820000 LB 0x002f9000 C:\WINDOWS\System32\combase.dll [fFlags=0x0]
4632ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
4642ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'bcryptprimitives.dll'.
4652ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\combase.dll)
4662ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\combase.dll
4672ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffefbe20000 LB 0x000aa000 C:\WINDOWS\System32\shcore.dll [fFlags=0x0]
4682ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4692ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'rpcrt4.dll'.
4702ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'combase.dll'.
4712ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\SHCore.dll)
4722ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\SHCore.dll
4732ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef9d00000 LB 0x00051000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0]
4742ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
4752ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef8c10000 LB 0x00011000 C:\WINDOWS\System32\kernel.appcore.dll [fFlags=0x0]
4762ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
4772ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
4782ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll)
4792ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll
4802ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef8c50000 LB 0x0004c000 C:\WINDOWS\System32\powrprof.dll [fFlags=0x0]
4812ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
4822ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\powrprof.dll)
4832ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\powrprof.dll
4842ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef8ca0000 LB 0x00015000 C:\WINDOWS\System32\profapi.dll [fFlags=0x0]
4852ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll [lacks WinVerifyTrust]
4862ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef90e0000 LB 0x006f3000 C:\WINDOWS\System32\windows.storage.dll [fFlags=0x0]
4872ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4882ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'.
4892ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'combase.dll'.
4902ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #63 'profapi.dll'.
4912ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\windows.storage.dll)
4922ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\windows.storage.dll
4932ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffefa360000 LB 0x01437000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0]
4942ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
4952ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef8b10000 LB 0x00029000 C:\WINDOWS\SYSTEM32\USERENV.dll [fFlags=0x0]
4962ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll [lacks WinVerifyTrust]
4972ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef8a10000 LB 0x0003a000 C:\WINDOWS\System32\privman64.dll [fFlags=0x0]
4982ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\privman64.dll [lacks WinVerifyTrust]
4992ab4.3454: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
5002ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5012ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef8e90000 'api-ms-win-core-synch-l1-2-0'
5022ab4.3454: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
5032ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5042ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef8e90000 'api-ms-win-core-fibers-l1-1-1'
5052ab4.3454: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
5062ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5072ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef8e90000 'api-ms-win-core-fibers-l1-1-1'
5082ab4.3454: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
5092ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5102ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef8e90000 'api-ms-win-core-synch-l1-2-0'
5112ab4.3454: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
5122ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5132ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef8e90000 'api-ms-win-core-localization-l1-2-1'
5142ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5152ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
5162ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
5172ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll [lacks WinVerifyTrust]
5182ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
5192ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
5202ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
5212ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5222ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5232ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5242ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5252ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5262ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5272ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5282ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5292ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5302ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5312ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5322ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5332ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5342ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5352ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5362ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
5372ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
5382ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
5392ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5402ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5412ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5422ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5432ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5442ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5452ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
5462ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
5472ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
5482ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5492ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5502ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5512ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
5522ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
5532ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
5542ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
5552ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
5562ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
5572ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
5582ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
5592ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
5602ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
5612ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
5622ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
5632ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5642ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbc60000 'C:\WINDOWS\System32\kernel32.dll'
5652ab4.3454: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
5662ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5672ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef8e90000 'api-ms-win-core-string-l1-1-0'
5682ab4.3454: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
5692ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5702ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef8e90000 'api-ms-win-core-datetime-l1-1-1'
5712ab4.3454: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
5722ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5732ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef8e90000 'api-ms-win-core-localization-obsolete-l1-2-0'
5742ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
5752ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'win32u.dll'.
5762ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imm32.dll)
5772ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll
5782ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
5792ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
5802ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
5812ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
5822ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
5832ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
5842ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
5852ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffefbed0000 LB 0x0002d000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0]
5862ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust]
5872ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbed0000 'C:\WINDOWS\system32\IMM32.DLL'
5882ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef8a10000 'C:\WINDOWS\System32\privman64.dll'
5892ab4.3454: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffefc819ac0 pvNtTerminateThread=00007ffefc845df0
59026e8.3328: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 522 ms.
5912ab4.3454: \SystemRoot\System32\ntdll.dll:
5922ab4.3454: CreationTime: 2017-07-11T05:40:11.983760300Z
5932ab4.3454: LastWriteTime: 2017-07-11T05:40:11.983760300Z
5942ab4.3454: ChangeTime: 2017-08-11T04:13:32.223467500Z
5952ab4.3454: FileAttributes: 0x20
5962ab4.3454: Size: 0x1d7450
5972ab4.3454: NT Headers: 0xe0
5982ab4.3454: Timestamp: 0xa329d3a8
5992ab4.3454: Machine: 0x8664 - amd64
6002ab4.3454: Timestamp: 0xa329d3a8
6012ab4.3454: Image Version: 10.0
6022ab4.3454: SizeOfImage: 0x1db000 (1945600)
6032ab4.3454: Resource Dir: 0x170000 LB 0x69398
6042ab4.3454: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
6052ab4.3454: [Raw version resource data: 0x1700f0 LB 0x380, codepage 0x0 (reserved 0x0)]
6062ab4.3454: ProductName: Microsoft® Windows® Operating System
6072ab4.3454: ProductVersion: 10.0.15063.447
6082ab4.3454: FileVersion: 10.0.15063.447 (WinBuild.160101.0800)
6092ab4.3454: FileDescription: NT Layer DLL
6102ab4.3454: \SystemRoot\System32\kernel32.dll:
6112ab4.3454: CreationTime: 2017-07-11T05:40:08.546207000Z
6122ab4.3454: LastWriteTime: 2017-07-11T05:40:08.546207000Z
6132ab4.3454: ChangeTime: 2017-08-11T04:13:32.223467500Z
6142ab4.3454: FileAttributes: 0x20
6152ab4.3454: Size: 0xad068
6162ab4.3454: NT Headers: 0xf8
6172ab4.3454: Timestamp: 0xf5fa43df
6182ab4.3454: Machine: 0x8664 - amd64
6192ab4.3454: Timestamp: 0xf5fa43df
6202ab4.3454: Image Version: 10.0
6212ab4.3454: SizeOfImage: 0xae000 (712704)
6222ab4.3454: Resource Dir: 0xac000 LB 0x520
6232ab4.3454: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
6242ab4.3454: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
6252ab4.3454: ProductName: Microsoft® Windows® Operating System
6262ab4.3454: ProductVersion: 10.0.15063.296
6272ab4.3454: FileVersion: 10.0.15063.296 (WinBuild.160101.0800)
6282ab4.3454: FileDescription: Windows NT BASE API Client DLL
6292ab4.3454: \SystemRoot\System32\KernelBase.dll:
6302ab4.3454: CreationTime: 2017-08-11T04:13:22.143335700Z
6312ab4.3454: LastWriteTime: 2017-08-11T04:13:22.143335700Z
6322ab4.3454: ChangeTime: 2017-08-11T00:16:19.295229400Z
6332ab4.3454: FileAttributes: 0x20
6342ab4.3454: Size: 0x249df0
6352ab4.3454: NT Headers: 0x100
6362ab4.3454: Timestamp: 0x5405b5
6372ab4.3454: Machine: 0x8664 - amd64
6382ab4.3454: Timestamp: 0x5405b5
6392ab4.3454: Image Version: 10.0
6402ab4.3454: SizeOfImage: 0x249000 (2396160)
6412ab4.3454: Resource Dir: 0x22a000 LB 0x548
6422ab4.3454: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
6432ab4.3454: [Raw version resource data: 0x22a0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
6442ab4.3454: ProductName: Microsoft® Windows® Operating System
6452ab4.3454: ProductVersion: 10.0.15063.502
6462ab4.3454: FileVersion: 10.0.15063.502 (WinBuild.160101.0800)
6472ab4.3454: FileDescription: Windows NT BASE API Client DLL
6482ab4.3454: \SystemRoot\System32\apisetschema.dll:
6492ab4.3454: CreationTime: 2017-03-18T20:57:35.373527900Z
6502ab4.3454: LastWriteTime: 2017-03-18T20:57:35.373527900Z
6512ab4.3454: ChangeTime: 2017-08-11T04:05:28.893106200Z
6522ab4.3454: FileAttributes: 0x20
6532ab4.3454: Size: 0x1ada0
6542ab4.3454: NT Headers: 0xc0
6552ab4.3454: Timestamp: 0x76544b2
6562ab4.3454: Machine: 0x8664 - amd64
6572ab4.3454: Timestamp: 0x76544b2
6582ab4.3454: Image Version: 10.0
6592ab4.3454: SizeOfImage: 0x1b000 (110592)
6602ab4.3454: Resource Dir: 0x1a000 LB 0x408
6612ab4.3454: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
6622ab4.3454: [Raw version resource data: 0x1a060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
6632ab4.3454: ProductName: Microsoft® Windows® Operating System
6642ab4.3454: ProductVersion: 10.0.15063.0
6652ab4.3454: FileVersion: 10.0.15063.0 (WinBuild.160101.0800)
6662ab4.3454: FileDescription: ApiSet Schema DLL
6672ab4.3454: Found driver SysPlant (0x1)
6682ab4.3454: Found driver SymNetS (0x2)
6692ab4.3454: Found driver SRTSPX (0x2)
6702ab4.3454: Found driver SymEvent (0x2)
6712ab4.3454: Found driver SymIRON (0x2)
6722ab4.3454: supR3HardenedWinFindAdversaries: 0x10003
6732ab4.3454: \SystemRoot\System32\drivers\SysPlant.sys:
6742ab4.3454: CreationTime: 2017-08-10T13:47:29.069850400Z
6752ab4.3454: LastWriteTime: 2017-08-10T13:47:29.101103900Z
6762ab4.3454: ChangeTime: 2017-08-11T00:20:06.858234300Z
6772ab4.3454: FileAttributes: 0x20
6782ab4.3454: Size: 0x2fd38
6792ab4.3454: NT Headers: 0xf0
6802ab4.3454: Timestamp: 0x58fbb6da
6812ab4.3454: Machine: 0x8664 - amd64
6822ab4.3454: Timestamp: 0x58fbb6da
6832ab4.3454: Image Version: 5.0
6842ab4.3454: SizeOfImage: 0x2f000 (192512)
6852ab4.3454: Resource Dir: 0x2d000 LB 0x49c
6862ab4.3454: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
6872ab4.3454: [Raw version resource data: 0x2d0b8 LB 0x3e4, codepage 0x4e4 (reserved 0x0)]
6882ab4.3454: ProductName: Symantec CMC Firewall
6892ab4.3454: ProductVersion: 14.0.2395.0200
6902ab4.3454: FileVersion: 14.0.2395.0200
6912ab4.3454: FileDescription: Symantec CMC Firewall SysPlant
6922ab4.3454: \SystemRoot\System32\sysfer.dll:
6932ab4.3454: CreationTime: 2017-08-10T13:47:29.038596900Z
6942ab4.3454: LastWriteTime: 2017-08-10T13:47:29.069850400Z
6952ab4.3454: ChangeTime: 2017-08-11T00:41:40.828923800Z
6962ab4.3454: FileAttributes: 0x20
6972ab4.3454: Size: 0x7aae8
6982ab4.3454: NT Headers: 0x108
6992ab4.3454: Timestamp: 0x58fbb6f1
7002ab4.3454: Machine: 0x8664 - amd64
7012ab4.3454: Timestamp: 0x58fbb6f1
7022ab4.3454: Image Version: 0.0
7032ab4.3454: SizeOfImage: 0x8e000 (581632)
7042ab4.3454: Resource Dir: 0x8a000 LB 0x658
7052ab4.3454: [Version info resource found at 0xc8! (ID/Name: 0x1; SubID/SubName: 0x409)]
7062ab4.3454: [Raw version resource data: 0x8a100 LB 0x3d8, codepage 0x4e4 (reserved 0x0)]
7072ab4.3454: ProductName: Symantec CMC Firewall
7082ab4.3454: ProductVersion: 14.0.2395.0200
7092ab4.3454: FileVersion: 14.0.2395.0200
7102ab4.3454: FileDescription: Symantec CMC Firewall sysfer
7112ab4.3454: \SystemRoot\System32\drivers\symevent64x86.sys:
7122ab4.3454: CreationTime: 2017-08-10T13:48:30.395402700Z
7132ab4.3454: LastWriteTime: 2017-08-10T13:48:30.207852100Z
7142ab4.3454: ChangeTime: 2017-08-11T00:20:06.858234300Z
7152ab4.3454: FileAttributes: 0x20
7162ab4.3454: Size: 0x190d0
7172ab4.3454: NT Headers: 0xe0
7182ab4.3454: Timestamp: 0x584f629e
7192ab4.3454: Machine: 0x8664 - amd64
7202ab4.3454: Timestamp: 0x584f629e
7212ab4.3454: Image Version: 6.2
7222ab4.3454: SizeOfImage: 0x23000 (143360)
7232ab4.3454: Resource Dir: 0x21000 LB 0x3c8
7242ab4.3454: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
7252ab4.3454: [Raw version resource data: 0x210b8 LB 0x310, codepage 0x4e4 (reserved 0x0)]
7262ab4.3454: ProductName: SYMEVENT
7272ab4.3454: ProductVersion: 14.0.4.16
7282ab4.3454: FileVersion: 14.0.4.16
7292ab4.3454: FileDescription: Symantec Event Library
7302ab4.3454: \SystemRoot\System32\drivers\privman.sys:
7312ab4.3454: CreationTime: 2017-08-10T13:42:45.152311700Z
7322ab4.3454: LastWriteTime: 2017-06-22T19:55:22.000000000Z
7332ab4.3454: ChangeTime: 2017-08-11T00:20:48.288224500Z
7342ab4.3454: FileAttributes: 0x20
7352ab4.3454: Size: 0x10630
7362ab4.3454: NT Headers: 0x100
7372ab4.3454: Timestamp: 0x594be0d5
7382ab4.3454: Machine: 0x8664 - amd64
7392ab4.3454: Timestamp: 0x594be0d5
7402ab4.3454: Image Version: 6.1
7412ab4.3454: SizeOfImage: 0xf000 (61440)
7422ab4.3454: Resource Dir: 0xb000 LB 0x2fa8
7432ab4.3454: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x0)]
7442ab4.3454: [Raw version resource data: 0xb0a0 LB 0x33c, codepage 0x0 (reserved 0x0)]
7452ab4.3454: ProductName: PowerBroker for Windows
7462ab4.3454: ProductVersion: 7.3.0.0
7472ab4.3454: FileVersion: 7.3.0.0
7482ab4.3454: FileDescription: PowerBroker for Windows
7492ab4.3454: \SystemRoot\System32\privman64.dll:
7502ab4.3454: CreationTime: 2017-06-22T17:52:44.000000000Z
7512ab4.3454: LastWriteTime: 2017-06-22T17:52:44.000000000Z
7522ab4.3454: ChangeTime: 2017-08-11T00:20:48.288224500Z
7532ab4.3454: FileAttributes: 0x20
7542ab4.3454: Size: 0x39100
7552ab4.3454: NT Headers: 0xf8
7562ab4.3454: Timestamp: 0x594be02a
7572ab4.3454: Machine: 0x8664 - amd64
7582ab4.3454: Timestamp: 0x594be02a
7592ab4.3454: Image Version: 0.0
7602ab4.3454: SizeOfImage: 0x3a000 (237568)
7612ab4.3454: Resource Dir: 0x38000 LB 0x578
7622ab4.3454: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x0)]
7632ab4.3454: [Raw version resource data: 0x380a0 LB 0x37c, codepage 0x4e4 (reserved 0x0)]
7642ab4.3454: ProductName: PowerBroker for Windows
7652ab4.3454: ProductVersion: 7.3.0.0
7662ab4.3454: FileVersion: 7.3.0.0
7672ab4.3454: FileDescription: BeyondTrust PowerBroker for Windows DLL
7682ab4.3454: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
7692ab4.3454: Calling main()
7702ab4.3454: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
7712ab4.3454: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
7722ab4.3454: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
7732ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
7742ab4.3454: SUPR3HardenedMain: Respawn #2
7752ab4.3454: Error (rc=-5640):
7762ab4.3454: More than one thread in process
7772ab4.3454: Error -5640 in supR3HardenedWinReSpawn! (enmWhat=1)
7782ab4.3454: More than one thread in process
7792ab4.3454: supR3HardNtEnableThreadCreation:
7802ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
7812ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
7822ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
7832ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
7842ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
7852ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'.
7862ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'.
7872ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'.
7882ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
7892ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
7902ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
7912ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
7922ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
7932ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
7942ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
7952ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll)
7962ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll
7972ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
7982ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
7992ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
8002ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
8012ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmm.dll)
8022ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmm.dll
8032ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
8042ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
8052ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
8062ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
8072ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
8082ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleaut32.dll)
8092ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
8102ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
8112ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
8122ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'rpcrt4.dll'.
8132ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'gdi32.dll'.
8142ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'user32.dll'.
8152ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'combase.dll'.
8162ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ole32.dll)
8172ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ole32.dll
8182ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
8192ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
8202ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
8212ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
8222ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
8232ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
8242ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
8252ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
8262ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
8272ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
8282ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
8292ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
8302ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
8312ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
8322ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
8332ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll)
8342ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
8352ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'...
8362ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008]
8372ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
8382ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
8392ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'.
8402ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
8412ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
8422ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
8432ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'.
8442ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'.
8452ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll)
8462ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
8472ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
8482ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
8492ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
8502ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
8512ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
8522ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
8532ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
8542ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
8552ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
8562ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
8572ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
8582ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
8592ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
8602ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
8612ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
8622ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
8632ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
8642ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
8652ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
8662ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
8672ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
8682ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
8692ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
8702ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
8712ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
8722ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
8732ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
8742ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
8752ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
8762ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
8772ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
8782ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
8792ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
8802ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
8812ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
8822ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
8832ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll)
8842ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
8852ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
8862ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
8872ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
8882ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll)
8892ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
8902ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
8912ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
8922ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
8932ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
8942ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
8952ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
8962ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll)
8972ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8982ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
8992ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
9002ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9012ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
9022ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
9032ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
9042ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'.
9052ab4.3454: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\opengl32.dll)
9062ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\opengl32.dll
9072ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
9082ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
9092ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9102ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
9112ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
9122ab4.3454: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\glu32.dll)
9132ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\glu32.dll
9142ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9152ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9162ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9172ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9182ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9192ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
9202ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
9212ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
9222ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
9232ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9242ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9252ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9262ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
9272ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
9282ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
9292ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
9302ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
9312ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
9322ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ws2_32.dll)
9332ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
9342ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
9352ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
9362ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
9372ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9382ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9392ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
9402ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9412ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9422ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
9432ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9442ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9452ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
9462ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
9472ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
9482ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
9492ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
9502ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
9512ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\mpr.dll)
9522ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\mpr.dll
9532ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
9542ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
9552ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
9562ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
9572ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
9582ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
9592ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
9602ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
9612ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust]
9622ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
9632ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
9642ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
9652ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9662ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9672ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
9682ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9692ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9702ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
9712ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
9722ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
9732ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
9742ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
9752ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
9762ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
9772ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9782ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9792ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
9802ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9812ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9822ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9832ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
9842ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
9852ab4.3454: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
9862ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
9872ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
9882ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust]
9892ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9902ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9912ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
9922ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
9932ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
9942ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
9952ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
9962ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
9972ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
9982ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
9992ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
10002ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
10012ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
10022ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
10032ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
10042ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10052ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10062ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
10072ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10082ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10092ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10102ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
10112ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
10122ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
10132ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
10142ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
10152ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10162ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'user32.dll'.
10172ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'shlwapi.dll'.
10182ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
10192ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'comctl32.dll'.
10202ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'shell32.dll'.
10212ab4.3454: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\comdlg32.dll)
10222ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comdlg32.dll
10232ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
10242ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume4\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
10252ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10262ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'bcrypt.dll'.
10272ab4.3454: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\winspool.drv)
10282ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winspool.drv
10292ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
10302ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
10312ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
10322ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
10332ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
10342ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
10352ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
10362ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
10372ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
10382ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10392ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10402ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
10412ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10422ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10432ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10442ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
10452ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
10462ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
10472ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
10482ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
10492ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
10502ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
10512ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
10522ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
10532ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
10542ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
10552ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
10562ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
10572ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
10582ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
10592ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10602ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10612ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
10622ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10632ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10642ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10652ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10662ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10672ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10682ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10692ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10702ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10712ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
10722ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
10732ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
10742ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
10752ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
10762ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
10772ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10782ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10792ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10802ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
10812ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
10822ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10832ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmmbase.dll)
10842ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmmbase.dll
10852ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10862ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10872ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10882ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
10892ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
10902ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll)
10912ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
10922ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10932ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10942ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10952ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
10962ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
10972ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
10982ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
10992ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
11002ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
11012ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
11022ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
11032ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\comctl32.dll)
11042ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comctl32.dll
11052ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11062ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11072ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11082ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
11092ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
11102ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
11112ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11122ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11132ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
11142ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11152ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11162ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11172ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11182ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
11192ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
11202ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
11212ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
11222ab4.3454: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
11232ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11242ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11252ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
11262ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11272ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11282ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11292ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11302ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11312ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
11322ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11332ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11342ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11352ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
11362ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
11372ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
11382ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
11392ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust]
11402ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
11412ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
11422ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
11432ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
11442ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
11452ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
11462ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
11472ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [lacks WinVerifyTrust]
11482ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust]
11492ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust]
11502ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [lacks WinVerifyTrust]
11512ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [lacks WinVerifyTrust]
11522ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [lacks WinVerifyTrust]
11532ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
11542ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
11552ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
11562ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.15063.413_none_0e0f5dcc67adff4e\comctl32.dll)
11572ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.15063.413_none_0e0f5dcc67adff4e\comctl32.dll
11582ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [lacks WinVerifyTrust]
11592ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
11602ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffedc850000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0]
11612ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [lacks WinVerifyTrust]
11622ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffed3eb0000 LB 0x00121000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0]
11632ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
11642ab4.3454: supR3HardenedDllNotificationCallback: load 0000000077300000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
11652ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
11662ab4.3454: supR3HardenedDllNotificationCallback: load 00000000773e0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
11672ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
11682ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef9d60000 LB 0x0006c000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
11692ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
11702ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffea6980000 LB 0x0053f000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
11712ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
11722ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffefa210000 LB 0x00145000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0]
11732ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust]
11742ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef3f00000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0]
11752ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [lacks WinVerifyTrust]
11762ab4.3454: supR3HardenedDllNotificationCallback: load 0000000076820000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
11772ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
11782ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffea5a90000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
11792ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
11802ab4.3454: supR3HardenedDllNotificationCallback: load 0000000076d90000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
11812ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
11822ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef8780000 LB 0x00025000 C:\WINDOWS\SYSTEM32\bcrypt.dll [fFlags=0x0]
11832ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
11842ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffeeb530000 LB 0x0008a000 C:\WINDOWS\SYSTEM32\WINSPOOL.DRV [fFlags=0x0]
11852ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [lacks WinVerifyTrust]
11862ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffed4340000 LB 0x000a6000 C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.15063.413_none_0e0f5dcc67adff4e\COMCTL32.dll [fFlags=0x0]
11872ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.15063.413_none_0e0f5dcc67adff4e\comctl32.dll [lacks WinVerifyTrust]
11882ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffefbb20000 LB 0x00108000 C:\WINDOWS\System32\COMDLG32.dll [fFlags=0x0]
11892ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\comdlg32.dll [lacks WinVerifyTrust]
11902ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffebf380000 LB 0x00051000 C:\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [fFlags=0x0]
11912ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [lacks WinVerifyTrust]
11922ab4.3454: supR3HardenedDllNotificationCallback: load 00000000767c0000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
11932ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust]
11942ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffefc6e0000 LB 0x000c0000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0]
11952ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
11962ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffee9170000 LB 0x0002b000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
11972ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [lacks WinVerifyTrust]
11982ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffee91a0000 LB 0x00023000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
11992ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust]
12002ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffea6090000 LB 0x008eb000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
12012ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust]
12022ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12032ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12042ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12052ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
12062ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12072ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12082ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
12092ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
12102ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
12112ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
12122ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12132ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12142ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12152ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12162ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12172ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12182ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12192ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12202ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12212ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12222ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12232ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12242ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12252ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12262ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12272ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12282ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12292ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12302ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12312ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12322ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12332ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12342ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12352ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12362ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12372ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12382ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12392ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12402ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12412ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12422ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12432ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12442ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12452ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12462ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12472ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12482ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12492ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12502ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12512ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12522ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12532ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12542ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12552ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12562ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12572ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12582ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12592ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12602ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12612ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12622ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12632ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12642ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12652ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12662ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12672ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12682ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12692ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12702ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12712ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12722ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12732ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12742ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12752ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12762ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12772ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12782ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12792ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12802ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12812ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12822ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6980000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12832ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust]
12842ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12852ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbed0000 'C:\WINDOWS\System32\imm32.dll'
12862ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
12872ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12882ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefc4f0000 'C:\WINDOWS\System32\ADVAPI32.DLL'
12892ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
12902ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll)
12912ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll
12922ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef8690000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL [fFlags=0x0]
12932ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
12942ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea6090000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
12952ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
12962ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
12972ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
12982ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
12992ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13002ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbc60000 'C:\WINDOWS\System32\kernel32.dll'
13012ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
13022ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
13032ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
13042ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
13052ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
13062ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
13072ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
13082ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
13092ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
13102ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
13112ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
13122ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll)
13132ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
13142ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13152ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13162ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
13172ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
13182ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
13192ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
13202ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
13212ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
13222ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
13232ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
13242ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
13252ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
13262ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
13272ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
13282ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
13292ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
13302ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
13312ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
13322ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
13332ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
13342ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust]
13352ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
13362ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
13372ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust]
13382ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13392ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13402ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
13412ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
13422ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
13432ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust]
13442ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13452ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13462ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13472ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13482ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust]
13492ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffea8490000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
13502ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust]
13512ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffea8490000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
13522ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13532ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'.
13542ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'user32.dll'.
13552ab4.3454: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\uxtheme.dll)
13562ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
13572ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13582ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13592ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
13602ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13612ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13622ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13632ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13642ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13652ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
13662ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
13672ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
13682ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef7690000 LB 0x00095000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
13692ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
13702ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef7690000 'C:\WINDOWS\system32\uxtheme.dll'
13712ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
13722ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefc340000 'C:\WINDOWS\system32\user32.dll'
13732ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
13742ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13752ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefa360000 'C:\WINDOWS\system32\shell32.dll'
13762ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [lacks WinVerifyTrust]
13772ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13782ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbe20000 'C:\WINDOWS\system32\SHCore.dll'
13792ab4.3454: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
13802ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\wintab32.dll'
13812ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13822ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'win32u.dll'.
13832ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'user32.dll'.
13842ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'gdi32.dll'.
13852ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dwmapi.dll)
13862ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dwmapi.dll
13872ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef5b00000 LB 0x0002a000 C:\WINDOWS\system32\dwmapi.dll [fFlags=0x0]
13882ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dwmapi.dll [lacks WinVerifyTrust]
13892ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust]
13902ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13912ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13922ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13932ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13942ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13952ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
13962ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
13972ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
13982ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
13992ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14002ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14012ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
14022ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14032ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffee91a0000 'C:\WINDOWS\system32\winmm.dll'
14042ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust]
14052ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14062ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffee91a0000 'C:\WINDOWS\system32\winmm.dll'
14072ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
14082ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14092ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefa360000 'C:\WINDOWS\system32\shell32.dll'
14102ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
14112ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14122ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef7690000 'C:\WINDOWS\system32\uxtheme.dll'
14132ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14142ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\gdi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14152ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef9dd0000 'C:\WINDOWS\system32\gdi32.dll'
14162ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffefa0a0000 LB 0x00166000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0]
14172ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14182ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'oleaut32.dll'.
14192ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
14202ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'gdi32.dll'.
14212ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'imm32.dll'.
14222ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msctf.dll)
14232ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll
14242ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
14252ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
14262ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
14272ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust]
14282ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14292ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14302ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14312ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14322ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14332ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
14342ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
14352ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
14362ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
14372ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14382ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14392ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
14402ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefc5b0000 'C:\WINDOWS\System32\rpcrt4.dll'
14412ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef9fa0000 LB 0x0009e000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0]
14422ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14432ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'.
14442ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\clbcatq.dll)
14452ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\clbcatq.dll
14462ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14472ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'.
14482ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'combase.dll'.
14492ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'd3d11.dll'.
14502ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'dcomp.dll'.
14512ab4.3454: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\DataExchange.dll)
14522ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
14532ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
14542ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume4\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
14552ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
14562ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
14572ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dcomp.dll)
14582ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dcomp.dll
14592ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
14602ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume4\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
14612ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14622ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'dxgi.dll'.
14632ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'win32u.dll'.
14642ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\d3d11.dll)
14652ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\d3d11.dll
14662ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
14672ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
14682ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
14692ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
14702ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
14712ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [lacks WinVerifyTrust]
14722ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14732ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14742ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
14752ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14762ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14772ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
14782ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14792ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14802ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
14812ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
14822ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
14832ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
14842ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
14852ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume4\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
14862ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14872ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
14882ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dxgi.dll)
14892ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dxgi.dll
14902ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14912ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14922ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
14932ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14942ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14952ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
14962ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
14972ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
14982ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
14992ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
15002ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
15012ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
15022ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15032ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15042ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
15052ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
15062ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll [lacks WinVerifyTrust]
15072ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll [lacks WinVerifyTrust]
15082ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll [lacks WinVerifyTrust]
15092ab4.3454: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll [lacks WinVerifyTrust]
15102ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef7a30000 LB 0x000a4000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0]
15112ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll [lacks WinVerifyTrust]
15122ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef62b0000 LB 0x002df000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0]
15132ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll [lacks WinVerifyTrust]
15142ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef6c30000 LB 0x00122000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0]
15152ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll [lacks WinVerifyTrust]
15162ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef3fc0000 LB 0x00047000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0]
15172ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll [lacks WinVerifyTrust]
15182ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef3fc0000 'C:\WINDOWS\system32\dataexchange.dll'
15192ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15202ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
15212ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'bcrypt.dll'.
15222ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'combase.dll'.
15232ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll)
15242ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll
15252ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef5400000 LB 0x00170000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0]
15262ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll [lacks WinVerifyTrust]
15272ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15282ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
15292ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'devobj.dll'.
15302ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'propsys.dll'.
15312ab4.25cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll)
15322ab4.25cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
15332ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'cfgmgr32.dll'.
15342ab4.25cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\devobj.dll)
15352ab4.25cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\devobj.dll
15362ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15372ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
15382ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
15392ab4.25cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\propsys.dll)
15402ab4.25cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\propsys.dll
15412ab4.25cc: supR3HardenedDllNotificationCallback: load 00007ffef7730000 LB 0x00028000 C:\WINDOWS\SYSTEM32\DEVOBJ.dll [fFlags=0x0]
15422ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [lacks WinVerifyTrust]
15432ab4.25cc: supR3HardenedDllNotificationCallback: load 00007ffeee090000 LB 0x00196000 C:\WINDOWS\SYSTEM32\PROPSYS.dll [fFlags=0x0]
15442ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\propsys.dll [lacks WinVerifyTrust]
15452ab4.25cc: supR3HardenedDllNotificationCallback: load 00007ffeea1a0000 LB 0x00067000 C:\WINDOWS\SYSTEM32\MMDevAPI.DLL [fFlags=0x0]
15462ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
15472ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15482ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'.
15492ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'ksuser.dll'.
15502ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'avrt.dll'.
15512ab4.25cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\wdmaud.drv)
15522ab4.25cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
15532ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
15542ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
15552ab4.25cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\avrt.dll)
15562ab4.25cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\avrt.dll
15572ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
15582ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume4\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
15592ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15602ab4.25cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ksuser.dll)
15612ab4.25cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ksuser.dll
15622ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
15632ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
15642ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
15652ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15662ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15672ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
15682ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15692ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15702ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
15712ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
15722ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
15732ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
15742ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15752ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15762ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
15772ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
15782ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
15792ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
15802ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
15812ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume4\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
15822ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\propsys.dll [lacks WinVerifyTrust]
15832ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
15842ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
15852ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [lacks WinVerifyTrust]
15862ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15872ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15882ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
15892ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15902ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15912ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
15922ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
15932ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
15942ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
15952ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
15962ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
15972ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
15982ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15992ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16002ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
16012ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16022ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16032ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
16042ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16052ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16062ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
16072ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
16082ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16092ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'coreuicomponents.dll'.
16102ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'coremessaging.dll'.
16112ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll)
16122ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll
16132ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16142ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'coremessaging.dll'.
16152ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'shcore.dll'.
16162ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll)
16172ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll
16182ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16192ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
16202ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll)
16212ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll
16222ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntmarta.dll)
16232ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntmarta.dll
16242ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'.
16252ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
16262ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'bcryptprimitives.dll'.
16272ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\WinTypes.dll)
16282ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\WinTypes.dll
16292ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16302ab4.3454: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
16312ab4.3454: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\usermgrcli.dll)
16322ab4.3454: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\usermgrcli.dll
16332ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef7f30000 LB 0x00031000 C:\WINDOWS\SYSTEM32\ntmarta.dll [fFlags=0x0]
16342ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntmarta.dll [lacks WinVerifyTrust]
16352ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef6b40000 LB 0x000e3000 C:\WINDOWS\System32\CoreMessaging.dll [fFlags=0x0]
16362ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
16372ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef55e0000 LB 0x00139000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0]
16382ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\WinTypes.dll [lacks WinVerifyTrust]
16392ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef55c0000 LB 0x00015000 C:\WINDOWS\SYSTEM32\usermgrcli.dll [fFlags=0x0]
16402ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\usermgrcli.dll [lacks WinVerifyTrust]
16412ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffef5720000 LB 0x002d2000 C:\WINDOWS\System32\CoreUIComponents.dll [fFlags=0x0]
16422ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
16432ab4.3454: supR3HardenedDllNotificationCallback: load 00007ffed8ef0000 LB 0x00082000 C:\WINDOWS\System32\TextInputFramework.dll [fFlags=0x0]
16442ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll [lacks WinVerifyTrust]
16452ab4.25cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
16462ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
16472ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16482ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16492ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
16502ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16512ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16522ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
16532ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
16542ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
16552ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
16562ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16572ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16582ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
16592ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
16602ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
16612ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
16622ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16632ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16642ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
16652ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16662ab4.25cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll [lacks WinVerifyTrust]
16672ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16682ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
16692ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
16702ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
16712ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [lacks WinVerifyTrust]
16722ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
16732ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
16742ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
16752ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16762ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16772ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
16782ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
16792ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
16802ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
16812ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
16822ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume4\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
16832ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
16842ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16852ab4.3454: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16862ab4.3454: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
16872ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\OLEAUT32.DLL (Input=OLEAUT32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16882ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefc6e0000 'C:\WINDOWS\System32\OLEAUT32.DLL'
16892ab4.25cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll [lacks WinVerifyTrust]
16902ab4.3454: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
16912ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16922ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefc340000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
16932ab4.25cc: supR3HardenedDllNotificationCallback: load 00007ffef1610000 LB 0x00009000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0]
16942ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll [lacks WinVerifyTrust]
16952ab4.3454: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
16962ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16972ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefc340000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
16982ab4.25cc: supR3HardenedDllNotificationCallback: load 00007ffef5af0000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0]
16992ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll [lacks WinVerifyTrust]
17002ab4.25cc: supR3HardenedDllNotificationCallback: load 00007ffebe0c0000 LB 0x00041000 C:\WINDOWS\System32\wdmaud.drv [fFlags=0x0]
17012ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
17022ab4.3454: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\System32\secruntime.dll': 0 (NtPath=\??\C:\WINDOWS\System32\secruntime.dll; Input=secruntime.dll; rcNtGetDll=0xc0000135
17032ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\System32\secruntime.dll'
17042ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebe0c0000 'C:\WINDOWS\System32\wdmaud.drv'
17052ab4.3454: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-1.dll) -> 0x0, fPresent=1
17062ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-1.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17072ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb820000 'api-ms-win-core-com-l1-1-1.dll'
17082ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
17092ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
17102ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebe0c0000 'C:\WINDOWS\System32\wdmaud.drv'
17112ab4.3454: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\System32\secruntime.dll': 0 (NtPath=\??\C:\WINDOWS\System32\secruntime.dll; Input=secruntime.dll; rcNtGetDll=0xc0000135
17122ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\System32\secruntime.dll'
17132ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
17142ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17152ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeea1a0000 'C:\WINDOWS\System32\MMDEVAPI.DLL'
17162ab4.3454: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\System32\secruntime.dll': 0 (NtPath=\??\C:\WINDOWS\System32\secruntime.dll; Input=secruntime.dll; rcNtGetDll=0xc0000135
17172ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\System32\secruntime.dll'
17182ab4.3454: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\System32\secruntime.dll': 0 (NtPath=\??\C:\WINDOWS\System32\secruntime.dll; Input=secruntime.dll; rcNtGetDll=0xc0000135
17192ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\System32\secruntime.dll'
17202ab4.3454: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll [lacks WinVerifyTrust]
17212ab4.3454: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
17222ab4.3454: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefa0a0000 'C:\WINDOWS\System32\MSCTF.dll'
17232ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
17242ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
17252ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebe0c0000 'C:\WINDOWS\System32\wdmaud.drv'
17262ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
17272ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
17282ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebe0c0000 'C:\WINDOWS\System32\wdmaud.drv'
17292ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
17302ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
17312ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebe0c0000 'C:\WINDOWS\System32\wdmaud.drv'
17322ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
17332ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
17342ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
17352ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'mmdevapi.dll'.
17362ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #48 'avrt.dll'.
17372ab4.25cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\AudioSes.dll)
17382ab4.25cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
17392ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
17402ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
17412ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll [lacks WinVerifyTrust]
17422ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
17432ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
17442ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
17452ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
17462ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
17472ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
17482ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17492ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17502ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
17512ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
17522ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
17532ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
17542ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17552ab4.25cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll [lacks WinVerifyTrust]
17562ab4.25cc: supR3HardenedDllNotificationCallback: load 00007ffee91d0000 LB 0x00105000 C:\WINDOWS\System32\AUDIOSES.DLL [fFlags=0x0]
17572ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll [lacks WinVerifyTrust]
17582ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffee91d0000 'C:\WINDOWS\System32\AUDIOSES.DLL'
17592ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
17602ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
17612ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebe0c0000 'C:\WINDOWS\System32\wdmaud.drv'
17622ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
17632ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
17642ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebe0c0000 'C:\WINDOWS\System32\wdmaud.drv'
17652ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
17662ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebe0c0000 'C:\WINDOWS\System32\wdmaud.drv'
17672ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17682ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'mmdevapi.dll'.
17692ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msacm32.dll'.
17702ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmmbase.dll'.
17712ab4.25cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\msacm32.drv)
17722ab4.25cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.drv
17732ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
17742ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
17752ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [lacks WinVerifyTrust]
17762ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
17772ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
17782ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17792ab4.25cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.dll)
17802ab4.25cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.dll
17812ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
17822ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
17832ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
17842ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17852ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17862ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
17872ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17882ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17892ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
17902ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
17912ab4.25cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
17922ab4.25cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll [lacks WinVerifyTrust]
17932ab4.25cc: supR3HardenedDllNotificationCallback: load 00007ffecb470000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0]
17942ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll [lacks WinVerifyTrust]
17952ab4.25cc: supR3HardenedDllNotificationCallback: load 00007ffed4e10000 LB 0x0000d000 C:\WINDOWS\System32\msacm32.drv [fFlags=0x0]
17962ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
17972ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed4e10000 'C:\WINDOWS\System32\msacm32.drv'
17982ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
17992ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
18002ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed4e10000 'C:\WINDOWS\System32\msacm32.drv'
18012ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
18022ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
18032ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed4e10000 'C:\WINDOWS\System32\msacm32.drv'
18042ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
18052ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
18062ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed4e10000 'C:\WINDOWS\System32\msacm32.drv'
18072ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
18082ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
18092ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed4e10000 'C:\WINDOWS\System32\msacm32.drv'
18102ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
18112ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
18122ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed4e10000 'C:\WINDOWS\System32\msacm32.drv'
18132ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
18142ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
18152ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed4e10000 'C:\WINDOWS\System32\msacm32.drv'
18162ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
18172ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed4e10000 'C:\WINDOWS\System32\msacm32.drv'
18182ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
18192ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed4e10000 'C:\WINDOWS\System32\msacm32.drv'
18202ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
18212ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed4e10000 'C:\WINDOWS\System32\msacm32.drv'
18222ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18232ab4.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'winmm.dll'.
18242ab4.25cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\midimap.dll)
18252ab4.25cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\midimap.dll
18262ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
18272ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
18282ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust]
18292ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18302ab4.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18312ab4.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
18322ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
18332ab4.25cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust]
18342ab4.25cc: supR3HardenedDllNotificationCallback: load 00007ffed2140000 LB 0x0000a000 C:\WINDOWS\System32\midimap.dll [fFlags=0x0]
18352ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust]
18362ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed2140000 'C:\WINDOWS\System32\midimap.dll'
18372ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust]
18382ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
18392ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed2140000 'C:\WINDOWS\System32\midimap.dll'
18402ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust]
18412ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
18422ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed2140000 'C:\WINDOWS\System32\midimap.dll'
18432ab4.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust]
18442ab4.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
18452ab4.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed2140000 'C:\WINDOWS\System32\midimap.dll'
18462ab4.122c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
18472ab4.122c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
18482ab4.122c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeea1a0000 'C:\WINDOWS\System32\MMDevApi.dll'
184926e8.3328: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 1761 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy