VirtualBox

Ticket #15873: VBoxHardening.log

File VBoxHardening.log, 168.6 KB (added by ThunderFox, 8 years ago)

Hardening log

Line 
116e4.2678: Log file opened: 5.0.26r108824 g_hStartupLog=0000000000000090 g_uNtVerCombined=0xa0295a00
216e4.2678: \SystemRoot\System32\ntdll.dll:
316e4.2678: CreationTime: 2016-08-26T10:18:33.398022200Z
416e4.2678: LastWriteTime: 2016-04-23T05:24:28.464629900Z
516e4.2678: ChangeTime: 2016-08-29T08:36:32.121899100Z
616e4.2678: FileAttributes: 0x20
716e4.2678: Size: 0x1bc248
816e4.2678: NT Headers: 0xe0
916e4.2678: Timestamp: 0x571af2eb
1016e4.2678: Machine: 0x8664 - amd64
1116e4.2678: Timestamp: 0x571af2eb
1216e4.2678: Image Version: 10.0
1316e4.2678: SizeOfImage: 0x1c1000 (1839104)
1416e4.2678: Resource Dir: 0x159000 LB 0x66218
1516e4.2678: ProductName: Microsoft® Windows® Operating System
1616e4.2678: ProductVersion: 10.0.10586.306
1716e4.2678: FileVersion: 10.0.10586.306 (th2_release_sec.160422-1850)
1816e4.2678: FileDescription: NT Layer DLL
1916e4.2678: \SystemRoot\System32\kernel32.dll:
2016e4.2678: CreationTime: 2015-10-30T07:17:46.221743200Z
2116e4.2678: LastWriteTime: 2015-10-30T07:17:46.221743200Z
2216e4.2678: ChangeTime: 2016-08-10T16:23:29.865203500Z
2316e4.2678: FileAttributes: 0x20
2416e4.2678: Size: 0xac430
2516e4.2678: NT Headers: 0xf0
2616e4.2678: Timestamp: 0x5632d5aa
2716e4.2678: Machine: 0x8664 - amd64
2816e4.2678: Timestamp: 0x5632d5aa
2916e4.2678: Image Version: 10.0
3016e4.2678: SizeOfImage: 0xad000 (708608)
3116e4.2678: Resource Dir: 0xab000 LB 0x528
3216e4.2678: ProductName: Microsoft® Windows® Operating System
3316e4.2678: ProductVersion: 10.0.10586.0
3416e4.2678: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
3516e4.2678: FileDescription: Windows NT BASE API Client DLL
3616e4.2678: \SystemRoot\System32\KernelBase.dll:
3716e4.2678: CreationTime: 2016-08-26T10:15:58.917701600Z
3816e4.2678: LastWriteTime: 2016-07-01T04:49:21.864958900Z
3916e4.2678: ChangeTime: 2016-08-29T08:36:28.250157000Z
4016e4.2678: FileAttributes: 0x20
4116e4.2678: Size: 0x1e7a10
4216e4.2678: NT Headers: 0xf0
4316e4.2678: Timestamp: 0x5775e4c5
4416e4.2678: Machine: 0x8664 - amd64
4516e4.2678: Timestamp: 0x5775e4c5
4616e4.2678: Image Version: 10.0
4716e4.2678: SizeOfImage: 0x1e8000 (1998848)
4816e4.2678: Resource Dir: 0x1d1000 LB 0x548
4916e4.2678: ProductName: Microsoft® Windows® Operating System
5016e4.2678: ProductVersion: 10.0.10586.494
5116e4.2678: FileVersion: 10.0.10586.494 (th2_release_sec.160630-1736)
5216e4.2678: FileDescription: Windows NT BASE API Client DLL
5316e4.2678: \SystemRoot\System32\apisetschema.dll:
5416e4.2678: CreationTime: 2015-10-30T07:17:57.502957900Z
5516e4.2678: LastWriteTime: 2015-10-30T07:17:57.502957900Z
5616e4.2678: ChangeTime: 2016-08-10T16:23:15.880826600Z
5716e4.2678: FileAttributes: 0x20
5816e4.2678: Size: 0x16d60
5916e4.2678: NT Headers: 0xc8
6016e4.2678: Timestamp: 0x5632d94c
6116e4.2678: Machine: 0x8664 - amd64
6216e4.2678: Timestamp: 0x5632d94c
6316e4.2678: Image Version: 10.0
6416e4.2678: SizeOfImage: 0x18000 (98304)
6516e4.2678: Resource Dir: 0x17000 LB 0x400
6616e4.2678: ProductName: Microsoft® Windows® Operating System
6716e4.2678: ProductVersion: 10.0.10586.0
6816e4.2678: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
6916e4.2678: FileDescription: ApiSet Schema DLL
7016e4.2678: NtOpenDirectoryObject failed on \Driver: 0xc0000022
7116e4.2678: supR3HardenedWinFindAdversaries: 0x10083
7216e4.2678: \SystemRoot\System32\drivers\SysPlant.sys:
7316e4.2678: CreationTime: 2015-09-09T09:54:34.896250000Z
7416e4.2678: LastWriteTime: 2016-08-09T23:42:50.554114600Z
7516e4.2678: ChangeTime: 2016-08-10T07:50:39.586208600Z
7616e4.2678: FileAttributes: 0x20
7716e4.2678: Size: 0x2b9a8
7816e4.2678: NT Headers: 0x100
7916e4.2678: Timestamp: 0x576a282d
8016e4.2678: Machine: 0x8664 - amd64
8116e4.2678: Timestamp: 0x576a282d
8216e4.2678: Image Version: 5.0
8316e4.2678: SizeOfImage: 0x30000 (196608)
8416e4.2678: Resource Dir: 0x2e000 LB 0x498
8516e4.2678: ProductName: Symantec CMC Firewall
8616e4.2678: ProductVersion: 12.1.7004.6500
8716e4.2678: FileVersion: 12.1.7004.6500
8816e4.2678: FileDescription: Symantec CMC Firewall SysPlant
8916e4.2678: \SystemRoot\System32\sysfer.dll:
9016e4.2678: CreationTime: 2015-09-09T09:54:34.865000000Z
9116e4.2678: LastWriteTime: 2016-08-09T23:42:50.554114600Z
9216e4.2678: ChangeTime: 2016-08-10T07:50:39.476826700Z
9316e4.2678: FileAttributes: 0x20
9416e4.2678: Size: 0x73728
9516e4.2678: NT Headers: 0xf0
9616e4.2678: Timestamp: 0x576a2837
9716e4.2678: Machine: 0x8664 - amd64
9816e4.2678: Timestamp: 0x576a2837
9916e4.2678: Image Version: 0.0
10016e4.2678: SizeOfImage: 0x89000 (561152)
10116e4.2678: Resource Dir: 0x87000 LB 0x630
10216e4.2678: ProductName: Symantec CMC Firewall
10316e4.2678: ProductVersion: 12.1.7004.6500
10416e4.2678: FileVersion: 12.1.7004.6500
10516e4.2678: FileDescription: Symantec CMC Firewall sysfer
10616e4.2678: \SystemRoot\System32\drivers\symevent64x86.sys:
10716e4.2678: CreationTime: 2015-09-09T09:56:55.630625000Z
10816e4.2678: LastWriteTime: 2016-08-09T20:56:59.539835600Z
10916e4.2678: ChangeTime: 2016-08-10T07:50:39.586208600Z
11016e4.2678: FileAttributes: 0x20
11116e4.2678: Size: 0x2b8d8
11216e4.2678: NT Headers: 0xe8
11316e4.2678: Timestamp: 0x54b87d44
11416e4.2678: Machine: 0x8664 - amd64
11516e4.2678: Timestamp: 0x54b87d44
11616e4.2678: Image Version: 6.0
11716e4.2678: SizeOfImage: 0x38000 (229376)
11816e4.2678: Resource Dir: 0x36000 LB 0x3c8
11916e4.2678: ProductName: SYMEVENT
12016e4.2678: ProductVersion: 12.9.6.12
12116e4.2678: FileVersion: 12.9.6.12
12216e4.2678: FileDescription: Symantec Event Library
12316e4.2678: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
12416e4.2678: CreationTime: 2016-08-09T10:33:46.189526500Z
12516e4.2678: LastWriteTime: 2016-08-09T10:33:46.189526500Z
12616e4.2678: ChangeTime: 2016-08-10T07:50:39.554949000Z
12716e4.2678: FileAttributes: 0x20
12816e4.2678: Size: 0x2eed8
12916e4.2678: NT Headers: 0xe0
13016e4.2678: Timestamp: 0x55b855d9
13116e4.2678: Machine: 0x8664 - amd64
13216e4.2678: Timestamp: 0x55b855d9
13316e4.2678: Image Version: 6.1
13416e4.2678: SizeOfImage: 0x33000 (208896)
13516e4.2678: Resource Dir: 0x31000 LB 0x3b8
13616e4.2678: ProductName: Malwarebytes Anti-Malware
13716e4.2678: ProductVersion: 0.3.0.0
13816e4.2678: FileVersion: 0.3.0.0
13916e4.2678: FileDescription: Malwarebytes Anti-Malware
14016e4.2678: \SystemRoot\System32\drivers\PGDriver.sys:
14116e4.2678: CreationTime: 2016-06-11T13:24:48.451200100Z
14216e4.2678: LastWriteTime: 2015-09-07T15:05:44.000000000Z
14316e4.2678: ChangeTime: 2016-08-10T07:50:39.570548900Z
14416e4.2678: FileAttributes: 0x20
14516e4.2678: Size: 0x5580
14616e4.2678: NT Headers: 0xf8
14716e4.2678: Timestamp: 0x55eda61c
14816e4.2678: Machine: 0x8664 - amd64
14916e4.2678: Timestamp: 0x55eda61c
15016e4.2678: Image Version: 6.3
15116e4.2678: SizeOfImage: 0xa000 (40960)
15216e4.2678: Resource Dir: 0x8000 LB 0x420
15316e4.2678: ProductName: Avecto Defendpoint
15416e4.2678: ProductVersion: 4.0.349.0
15516e4.2678: FileVersion: 4.0.349.0
15616e4.2678: SpecialBuild: D
15716e4.2678: FileDescription: Defendpoint Driver
15816e4.2678: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
15916e4.2678: Calling main()
16016e4.2678: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
16116e4.2678: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
16216e4.2678: SUPR3HardenedMain: Respawn #1
16316e4.2678: System32: \Device\HarddiskVolume2\Windows\System32
16416e4.2678: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS
16516e4.2678: KnownDllPath: C:\WINDOWS\system32
16616e4.2678: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
16716e4.2678: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
16816e4.2678: supR3HardNtEnableThreadCreation:
16916e4.2678: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff857536d50 pvNtTerminateThread=00007ff857565b30
17016e4.2678: supR3HardenedWinDoReSpawn(1): New child 28d0.1a84 [kernel32].
17116e4.2678: supR3HardNtChildGatherData: PebBaseAddress=000000000116b000 cbPeb=0x388
17216e4.2678: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff8574c0000 uNtDllChildAddr=00007ff8574c0000
17316e4.2678: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff857536d50
17416e4.2678: supR3HardenedWinSetupChildInit: Start child.
17516e4.2678: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
17616e4.2678: supR3HardNtChildPurify: Startup delay kludge #1/0: 519 ms, 61 sleeps
17716e4.2678: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
17816e4.2678: *0000000000000000-ffffffffff17ffff 0x0001/0x0000 0x0000000
17916e4.2678: *0000000000e80000-0000000000e5ffff 0x0004/0x0004 0x0020000
18016e4.2678: *0000000000ea0000-0000000000e8afff 0x0002/0x0002 0x0040000
18116e4.2678: 0000000000eb5000-0000000000ea9fff 0x0001/0x0000 0x0000000
18216e4.2678: *0000000000ec0000-0000000000dc4fff 0x0000/0x0004 0x0020000
18316e4.2678: 0000000000fbb000-0000000000fb7fff 0x0104/0x0004 0x0020000
18416e4.2678: 0000000000fbe000-0000000000fbbfff 0x0004/0x0004 0x0020000
18516e4.2678: *0000000000fc0000-0000000000fbbfff 0x0002/0x0002 0x0040000
18616e4.2678: 0000000000fc4000-0000000000fb7fff 0x0001/0x0000 0x0000000
18716e4.2678: *0000000000fd0000-0000000000fcdfff 0x0004/0x0004 0x0020000
18816e4.2678: 0000000000fd2000-0000000000fc3fff 0x0001/0x0000 0x0000000
18916e4.2678: *0000000000fe0000-0000000000fdefff 0x0004/0x0004 0x0020000
19016e4.2678: 0000000000fe1000-0000000000fc1fff 0x0001/0x0000 0x0000000
19116e4.2678: *0000000001000000-0000000000e94fff 0x0000/0x0004 0x0020000
19216e4.2678: 000000000116b000-0000000001167fff 0x0004/0x0004 0x0020000
19316e4.2678: 000000000116e000-00000000010dbfff 0x0000/0x0004 0x0020000
19416e4.2678: 0000000001200000-ffffffff8241ffff 0x0001/0x0000 0x0000000
19516e4.2678: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
19616e4.2678: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
19716e4.2678: 000000007fff0000-ffff800a7275ffff 0x0001/0x0000 0x0000000
19816e4.2678: *00007ff68d880000-00007ff68d85cfff 0x0002/0x0002 0x0040000
19916e4.2678: 00007ff68d8a3000-00007ff68cc35fff 0x0001/0x0000 0x0000000
20016e4.2678: *00007ff68e510000-00007ff68e510fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
20116e4.2678: 00007ff68e511000-00007ff68e580fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
20216e4.2678: 00007ff68e581000-00007ff68e581fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
20316e4.2678: 00007ff68e582000-00007ff68e5c6fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
20416e4.2678: 00007ff68e5c7000-00007ff68e5c7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
20516e4.2678: 00007ff68e5c8000-00007ff68e5c8fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
20616e4.2678: 00007ff68e5c9000-00007ff68e5cdfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
20716e4.2678: 00007ff68e5ce000-00007ff68e5cefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
20816e4.2678: 00007ff68e5cf000-00007ff68e5cffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
20916e4.2678: 00007ff68e5d0000-00007ff68e5d3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
21016e4.2678: 00007ff68e5d4000-00007ff68e61bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
21116e4.2678: 00007ff68e61c000-00007ff68e617fff 0x0001/0x0000 0x0000000
21216e4.2678: *00007ff68e620000-00007ff68e61efff 0x0040/0x0040 0x0020000 !!
21316e4.2678: supHardNtVpFreeOrReplacePrivateExecMemory: Freeing exec mem at 00007ff68e620000 (LB 0x1000, 00007ff68e620000 LB 0x1000)
21416e4.2678: supHardNtVpFreeOrReplacePrivateExecMemory: Free attempt #1 succeeded: 0x0 [00007ff68e620000/00007ff68e620000 LB 0/0x1000]
21516e4.2678: supHardNtVpFreeOrReplacePrivateExecMemory: QVM after free 0: [0000000000000000]/00007ff68e620000 LB 0x1c8ea0000 s=0x10000 ap=0x0 rp=0x705c08000000001
21616e4.2678: 00007ff68e621000-00007ff4c5781fff 0x0001/0x0000 0x0000000
21716e4.2678: *00007ff8574c0000-00007ff8574c0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
21816e4.2678: 00007ff8574c1000-00007ff8575bdfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
21916e4.2678: 00007ff8575be000-00007ff8575fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
22016e4.2678: 00007ff8575ff000-00007ff857604fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
22116e4.2678: 00007ff857605000-00007ff857605fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
22216e4.2678: 00007ff857606000-00007ff857607fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
22316e4.2678: 00007ff857608000-00007ff857614fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
22416e4.2678: 00007ff857615000-00007ff857615fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
22516e4.2678: 00007ff857616000-00007ff857618fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
22616e4.2678: 00007ff857619000-00007ff857680fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
22716e4.2678: 00007ff857681000-00007ff0aed21fff 0x0001/0x0000 0x0000000
22816e4.2678: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
22916e4.2678: VirtualBox.exe: timestamp 0x578cc301 (rc=VINF_SUCCESS)
23016e4.2678: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
23116e4.2678: VirtualBox.exe: Differences in section #0 (headers) between file and memory:
23216e4.2678: 00007ff68e510172 / 0x0000172: 00 != 11
23316e4.2678: 00007ff68e510174 / 0x0000174: 00 != 14
23416e4.2678: Restored 0x400 bytes of original file content at 00007ff68e510000
23516e4.2678: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
23616e4.2678: supR3HardNtChildPurify: cFixes=2 g_fSupAdversaries=0x10083
23716e4.2678: supR3HardNtChildPurify: Startup delay kludge #1/1: 517 ms, 59 sleeps
23816e4.2678: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
23916e4.2678: *0000000000000000-ffffffffff17ffff 0x0001/0x0000 0x0000000
24016e4.2678: *0000000000e80000-0000000000e5ffff 0x0004/0x0004 0x0020000
24116e4.2678: *0000000000ea0000-0000000000e8afff 0x0002/0x0002 0x0040000
24216e4.2678: 0000000000eb5000-0000000000ea9fff 0x0001/0x0000 0x0000000
24316e4.2678: *0000000000ec0000-0000000000dc4fff 0x0000/0x0004 0x0020000
24416e4.2678: 0000000000fbb000-0000000000fb7fff 0x0104/0x0004 0x0020000
24516e4.2678: 0000000000fbe000-0000000000fbbfff 0x0004/0x0004 0x0020000
24616e4.2678: *0000000000fc0000-0000000000fbbfff 0x0002/0x0002 0x0040000
24716e4.2678: 0000000000fc4000-0000000000fb7fff 0x0001/0x0000 0x0000000
24816e4.2678: *0000000000fd0000-0000000000fcdfff 0x0004/0x0004 0x0020000
24916e4.2678: 0000000000fd2000-0000000000fc3fff 0x0001/0x0000 0x0000000
25016e4.2678: *0000000000fe0000-0000000000fdefff 0x0004/0x0004 0x0020000
25116e4.2678: 0000000000fe1000-0000000000fc1fff 0x0001/0x0000 0x0000000
25216e4.2678: *0000000001000000-0000000000e94fff 0x0000/0x0004 0x0020000
25316e4.2678: 000000000116b000-0000000001167fff 0x0004/0x0004 0x0020000
25416e4.2678: 000000000116e000-00000000010dbfff 0x0000/0x0004 0x0020000
25516e4.2678: 0000000001200000-ffffffff8241ffff 0x0001/0x0000 0x0000000
25616e4.2678: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
25716e4.2678: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
25816e4.2678: 000000007fff0000-ffff800a7275ffff 0x0001/0x0000 0x0000000
25916e4.2678: *00007ff68d880000-00007ff68d85cfff 0x0002/0x0002 0x0040000
26016e4.2678: 00007ff68d8a3000-00007ff68cc35fff 0x0001/0x0000 0x0000000
26116e4.2678: *00007ff68e510000-00007ff68e510fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
26216e4.2678: 00007ff68e511000-00007ff68e580fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
26316e4.2678: 00007ff68e581000-00007ff68e581fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
26416e4.2678: 00007ff68e582000-00007ff68e5c6fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
26516e4.2678: 00007ff68e5c7000-00007ff68e5d3fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
26616e4.2678: 00007ff68e5d4000-00007ff68e61bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
26716e4.2678: 00007ff68e61c000-00007ff4c5777fff 0x0001/0x0000 0x0000000
26816e4.2678: *00007ff8574c0000-00007ff8574c0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
26916e4.2678: 00007ff8574c1000-00007ff8575bdfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
27016e4.2678: 00007ff8575be000-00007ff8575fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
27116e4.2678: 00007ff8575ff000-00007ff857602fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
27216e4.2678: 00007ff857603000-00007ff857607fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
27316e4.2678: 00007ff857608000-00007ff857614fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
27416e4.2678: 00007ff857615000-00007ff857615fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
27516e4.2678: 00007ff857616000-00007ff857618fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
27616e4.2678: 00007ff857619000-00007ff857680fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
27716e4.2678: 00007ff857681000-00007ff0aed21fff 0x0001/0x0000 0x0000000
27816e4.2678: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
27916e4.2678: supR3HardNtChildPurify: Done after 1103 ms and 2 fixes (loop #1).
28028d0.1a84: Log file opened: 5.0.26r108824 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa0295a00
28128d0.1a84: supR3HardenedVmProcessInit: uNtDllAddr=00007ff8574c0000 g_uNtVerCombined=0xa0295a00
28216e4.2678: supR3HardNtEnableThreadCreation:
28328d0.1a84: ntdll.dll: timestamp 0x571af2eb (rc=VINF_SUCCESS)
28428d0.1a84: New simple heap: #1 0000000001300000 LB 0x400000 (for 1839104 allocation)
28528d0.1a84: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
28628d0.1a84: System32: \Device\HarddiskVolume2\Windows\System32
28728d0.1a84: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS
28828d0.1a84: KnownDllPath: C:\WINDOWS\system32
28928d0.1a84: supR3HardenedVmProcessInit: Opening vboxdrv stub...
29028d0.1a84: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
29128d0.1a84: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
29228d0.1a84: Registered Dll notification callback with NTDLL.
29328d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
29428d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
29528d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
29628d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff853be0000 LB 0x001e8000 C:\WINDOWS\system32\KERNELBASE.dll [fFlags=0x0]
29728d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
29828d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
29928d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff8549d0000 LB 0x000ad000 C:\WINDOWS\system32\KERNEL32.DLL [fFlags=0x0]
30028d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
30128d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8549d0000 'C:\WINDOWS\system32\KERNEL32.DLL'
30228d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff68e510000 LB 0x0010c000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
30328d0.1a84: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
30428d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
30528d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
30628d0.1a84: supR3HardenedMonitor_LdrLoadDll: Refusing to load 'C:\Program Files\Avecto\Privilege Guard Client\PGHook.dll' as it is expected to create undesirable threads that will upset our respawn checks (returning STATUS_TOO_MANY_THREADS)
30728d0.1a84: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff857536d50 pvNtTerminateThread=00007ff857565b30
30816e4.2678: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 148 ms.
30928d0.1a84: \SystemRoot\System32\ntdll.dll:
31028d0.1a84: CreationTime: 2016-08-26T10:18:33.398022200Z
31128d0.1a84: LastWriteTime: 2016-04-23T05:24:28.464629900Z
31228d0.1a84: ChangeTime: 2016-08-29T08:36:32.121899100Z
31328d0.1a84: FileAttributes: 0x20
31428d0.1a84: Size: 0x1bc248
31528d0.1a84: NT Headers: 0xe0
31628d0.1a84: Timestamp: 0x571af2eb
31728d0.1a84: Machine: 0x8664 - amd64
31828d0.1a84: Timestamp: 0x571af2eb
31928d0.1a84: Image Version: 10.0
32028d0.1a84: SizeOfImage: 0x1c1000 (1839104)
32128d0.1a84: Resource Dir: 0x159000 LB 0x66218
32228d0.1a84: ProductName: Microsoft® Windows® Operating System
32328d0.1a84: ProductVersion: 10.0.10586.306
32428d0.1a84: FileVersion: 10.0.10586.306 (th2_release_sec.160422-1850)
32528d0.1a84: FileDescription: NT Layer DLL
32628d0.1a84: \SystemRoot\System32\kernel32.dll:
32728d0.1a84: CreationTime: 2015-10-30T07:17:46.221743200Z
32828d0.1a84: LastWriteTime: 2015-10-30T07:17:46.221743200Z
32928d0.1a84: ChangeTime: 2016-08-10T16:23:29.865203500Z
33028d0.1a84: FileAttributes: 0x20
33128d0.1a84: Size: 0xac430
33228d0.1a84: NT Headers: 0xf0
33328d0.1a84: Timestamp: 0x5632d5aa
33428d0.1a84: Machine: 0x8664 - amd64
33528d0.1a84: Timestamp: 0x5632d5aa
33628d0.1a84: Image Version: 10.0
33728d0.1a84: SizeOfImage: 0xad000 (708608)
33828d0.1a84: Resource Dir: 0xab000 LB 0x528
33928d0.1a84: ProductName: Microsoft® Windows® Operating System
34028d0.1a84: ProductVersion: 10.0.10586.0
34128d0.1a84: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
34228d0.1a84: FileDescription: Windows NT BASE API Client DLL
34328d0.1a84: \SystemRoot\System32\KernelBase.dll:
34428d0.1a84: CreationTime: 2016-08-26T10:15:58.917701600Z
34528d0.1a84: LastWriteTime: 2016-07-01T04:49:21.864958900Z
34628d0.1a84: ChangeTime: 2016-08-29T08:36:28.250157000Z
34728d0.1a84: FileAttributes: 0x20
34828d0.1a84: Size: 0x1e7a10
34928d0.1a84: NT Headers: 0xf0
35028d0.1a84: Timestamp: 0x5775e4c5
35128d0.1a84: Machine: 0x8664 - amd64
35228d0.1a84: Timestamp: 0x5775e4c5
35328d0.1a84: Image Version: 10.0
35428d0.1a84: SizeOfImage: 0x1e8000 (1998848)
35528d0.1a84: Resource Dir: 0x1d1000 LB 0x548
35628d0.1a84: ProductName: Microsoft® Windows® Operating System
35728d0.1a84: ProductVersion: 10.0.10586.494
35828d0.1a84: FileVersion: 10.0.10586.494 (th2_release_sec.160630-1736)
35928d0.1a84: FileDescription: Windows NT BASE API Client DLL
36028d0.1a84: \SystemRoot\System32\apisetschema.dll:
36128d0.1a84: CreationTime: 2015-10-30T07:17:57.502957900Z
36228d0.1a84: LastWriteTime: 2015-10-30T07:17:57.502957900Z
36328d0.1a84: ChangeTime: 2016-08-10T16:23:15.880826600Z
36428d0.1a84: FileAttributes: 0x20
36528d0.1a84: Size: 0x16d60
36628d0.1a84: NT Headers: 0xc8
36728d0.1a84: Timestamp: 0x5632d94c
36828d0.1a84: Machine: 0x8664 - amd64
36928d0.1a84: Timestamp: 0x5632d94c
37028d0.1a84: Image Version: 10.0
37128d0.1a84: SizeOfImage: 0x18000 (98304)
37228d0.1a84: Resource Dir: 0x17000 LB 0x400
37328d0.1a84: ProductName: Microsoft® Windows® Operating System
37428d0.1a84: ProductVersion: 10.0.10586.0
37528d0.1a84: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
37628d0.1a84: FileDescription: ApiSet Schema DLL
37728d0.1a84: NtOpenDirectoryObject failed on \Driver: 0xc0000022
37828d0.1a84: supR3HardenedWinFindAdversaries: 0x10083
37928d0.1a84: \SystemRoot\System32\drivers\SysPlant.sys:
38028d0.1a84: CreationTime: 2015-09-09T09:54:34.896250000Z
38128d0.1a84: LastWriteTime: 2016-08-09T23:42:50.554114600Z
38228d0.1a84: ChangeTime: 2016-08-10T07:50:39.586208600Z
38328d0.1a84: FileAttributes: 0x20
38428d0.1a84: Size: 0x2b9a8
38528d0.1a84: NT Headers: 0x100
38628d0.1a84: Timestamp: 0x576a282d
38728d0.1a84: Machine: 0x8664 - amd64
38828d0.1a84: Timestamp: 0x576a282d
38928d0.1a84: Image Version: 5.0
39028d0.1a84: SizeOfImage: 0x30000 (196608)
39128d0.1a84: Resource Dir: 0x2e000 LB 0x498
39228d0.1a84: ProductName: Symantec CMC Firewall
39328d0.1a84: ProductVersion: 12.1.7004.6500
39428d0.1a84: FileVersion: 12.1.7004.6500
39528d0.1a84: FileDescription: Symantec CMC Firewall SysPlant
39628d0.1a84: \SystemRoot\System32\sysfer.dll:
39728d0.1a84: CreationTime: 2015-09-09T09:54:34.865000000Z
39828d0.1a84: LastWriteTime: 2016-08-09T23:42:50.554114600Z
39928d0.1a84: ChangeTime: 2016-08-10T07:50:39.476826700Z
40028d0.1a84: FileAttributes: 0x20
40128d0.1a84: Size: 0x73728
40228d0.1a84: NT Headers: 0xf0
40328d0.1a84: Timestamp: 0x576a2837
40428d0.1a84: Machine: 0x8664 - amd64
40528d0.1a84: Timestamp: 0x576a2837
40628d0.1a84: Image Version: 0.0
40728d0.1a84: SizeOfImage: 0x89000 (561152)
40828d0.1a84: Resource Dir: 0x87000 LB 0x630
40928d0.1a84: ProductName: Symantec CMC Firewall
41028d0.1a84: ProductVersion: 12.1.7004.6500
41128d0.1a84: FileVersion: 12.1.7004.6500
41228d0.1a84: FileDescription: Symantec CMC Firewall sysfer
41328d0.1a84: \SystemRoot\System32\drivers\symevent64x86.sys:
41428d0.1a84: CreationTime: 2015-09-09T09:56:55.630625000Z
41528d0.1a84: LastWriteTime: 2016-08-09T20:56:59.539835600Z
41628d0.1a84: ChangeTime: 2016-08-10T07:50:39.586208600Z
41728d0.1a84: FileAttributes: 0x20
41828d0.1a84: Size: 0x2b8d8
41928d0.1a84: NT Headers: 0xe8
42028d0.1a84: Timestamp: 0x54b87d44
42128d0.1a84: Machine: 0x8664 - amd64
42228d0.1a84: Timestamp: 0x54b87d44
42328d0.1a84: Image Version: 6.0
42428d0.1a84: SizeOfImage: 0x38000 (229376)
42528d0.1a84: Resource Dir: 0x36000 LB 0x3c8
42628d0.1a84: ProductName: SYMEVENT
42728d0.1a84: ProductVersion: 12.9.6.12
42828d0.1a84: FileVersion: 12.9.6.12
42928d0.1a84: FileDescription: Symantec Event Library
43028d0.1a84: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
43128d0.1a84: CreationTime: 2016-08-09T10:33:46.189526500Z
43228d0.1a84: LastWriteTime: 2016-08-09T10:33:46.189526500Z
43328d0.1a84: ChangeTime: 2016-08-10T07:50:39.554949000Z
43428d0.1a84: FileAttributes: 0x20
43528d0.1a84: Size: 0x2eed8
43628d0.1a84: NT Headers: 0xe0
43728d0.1a84: Timestamp: 0x55b855d9
43828d0.1a84: Machine: 0x8664 - amd64
43928d0.1a84: Timestamp: 0x55b855d9
44028d0.1a84: Image Version: 6.1
44128d0.1a84: SizeOfImage: 0x33000 (208896)
44228d0.1a84: Resource Dir: 0x31000 LB 0x3b8
44328d0.1a84: ProductName: Malwarebytes Anti-Malware
44428d0.1a84: ProductVersion: 0.3.0.0
44528d0.1a84: FileVersion: 0.3.0.0
44628d0.1a84: FileDescription: Malwarebytes Anti-Malware
44728d0.1a84: \SystemRoot\System32\drivers\PGDriver.sys:
44828d0.1a84: CreationTime: 2016-06-11T13:24:48.451200100Z
44928d0.1a84: LastWriteTime: 2015-09-07T15:05:44.000000000Z
45028d0.1a84: ChangeTime: 2016-08-10T07:50:39.570548900Z
45128d0.1a84: FileAttributes: 0x20
45228d0.1a84: Size: 0x5580
45328d0.1a84: NT Headers: 0xf8
45428d0.1a84: Timestamp: 0x55eda61c
45528d0.1a84: Machine: 0x8664 - amd64
45628d0.1a84: Timestamp: 0x55eda61c
45728d0.1a84: Image Version: 6.3
45828d0.1a84: SizeOfImage: 0xa000 (40960)
45928d0.1a84: Resource Dir: 0x8000 LB 0x420
46028d0.1a84: ProductName: Avecto Defendpoint
46128d0.1a84: ProductVersion: 4.0.349.0
46228d0.1a84: FileVersion: 4.0.349.0
46328d0.1a84: SpecialBuild: D
46428d0.1a84: FileDescription: Defendpoint Driver
46528d0.1a84: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
46628d0.1a84: Calling main()
46728d0.1a84: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
46828d0.1a84: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
46928d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'secur32.dll'.
47028d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shlwapi.dll'.
47128d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
47228d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
47328d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
47428d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
47528d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
47628d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
47728d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
47828d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Manufacturer\Endpoint Agent\prntm64.dll)
47928d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Manufacturer\Endpoint Agent\prntm64.dll
48028d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
48128d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
48228d0.1a84: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
48328d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
48428d0.1a84: SUPR3HardenedMain: Respawn #2
48528d0.1a84: Error (rc=-5640):
48628d0.1a84: More than one thread in process
48728d0.1a84: Error -5640 in supR3HardenedWinReSpawn! (enmWhat=1)
48828d0.1a84: More than one thread in process
48928d0.1a84: supR3HardNtEnableThreadCreation:
49028d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
49128d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'.
49228d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'gdi32.dll'.
49328d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'user32.dll'.
49428d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'combase.dll'.
49528d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ole32.dll)
49628d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
49728d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
49828d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
49928d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
50028d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'.
50128d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
50228d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
50328d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
50428d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
50528d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
50628d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
50728d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll)
50828d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
50928d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
51028d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
51128d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll)
51228d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
51328d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
51428d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
51528d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
51628d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'bcrypt.dll'.
51728d0.327c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\winspool.drv)
51828d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv
51928d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
52028d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
52128d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
52228d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
52328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
52428d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
52528d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
52628d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
52728d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtopenglvbox4.dll'.
52828d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
52928d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
53028d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'advapi32.dll'.
53128d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'shell32.dll'.
53228d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ole32.dll'.
53328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'oleaut32.dll'.
53428d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmm.dll'.
53528d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll)
53628d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
53728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
53828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
53928d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'.
54028d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
54128d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
54228d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
54328d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
54428d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
54528d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
54628d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'user32.dll'.
54728d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll)
54828d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
54928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
55028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
55128d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
55228d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'.
55328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
55428d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll)
55528d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
55628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
55728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
55828d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
55928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
56028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
56128d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'.
56228d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
56328d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
56428d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
56528d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
56628d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
56728d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'gdi32.dll'.
56828d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'user32.dll'.
56928d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
57028d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
57128d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'secur32.dll'...
57228d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'secur32.dll' -> '\Device\HarddiskVolume2\Windows\System32\secur32.dll' [rcNtRedir=0xc0150008]
57328d0.327c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\secur32.dll)
57428d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\secur32.dll
57528d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
57628d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
57728d0.327c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
57828d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
57928d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
58028d0.327c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
58128d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
58228d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
58328d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
58428d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
58528d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
58628d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
58728d0.327c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
58828d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
58928d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
59028d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
59128d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
59228d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
59328d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
59428d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
59528d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
59628d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'bcryptprimitives.dll'.
59728d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\combase.dll)
59828d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\combase.dll
59928d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
60028d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
60128d0.327c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
60228d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
60328d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
60428d0.327c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
60528d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
60628d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
60728d0.327c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
60828d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
60928d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
61028d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
61128d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmmbase.dll)
61228d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmmbase.dll
61328d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
61428d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
61528d0.327c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
61628d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
61728d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
61828d0.327c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
61928d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
62028d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
62128d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
62228d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
62328d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
62428d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
62528d0.327c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
62628d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
62728d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
62828d0.327c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
62928d0.327c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Manufacturer\Endpoint Agent\prntm64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
63028d0.327c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Manufacturer\Endpoint Agent\prntm64.dll [lacks WinVerifyTrust]
63128d0.327c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\secur32.dll [lacks WinVerifyTrust]
63228d0.327c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [lacks WinVerifyTrust]
63328d0.327c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
63428d0.327c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
63528d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
63628d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
63728d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
63828d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sspicli.dll)
63928d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sspicli.dll
64028d0.327c: supR3HardenedDllNotificationCallback: load 00007ff844dd0000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\Secur32.dll [fFlags=0x0]
64128d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\secur32.dll [lacks WinVerifyTrust]
64228d0.327c: supR3HardenedDllNotificationCallback: load 00007ff856fa0000 LB 0x0009d000 C:\WINDOWS\system32\msvcrt.dll [fFlags=0x0]
64328d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
64428d0.327c: supR3HardenedDllNotificationCallback: load 00007ff856e80000 LB 0x0011c000 C:\WINDOWS\system32\RPCRT4.dll [fFlags=0x0]
64528d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
64628d0.327c: supR3HardenedDllNotificationCallback: load 00007ff854710000 LB 0x0006a000 C:\WINDOWS\system32\bcryptPrimitives.dll [fFlags=0x0]
64728d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
64828d0.327c: supR3HardenedDllNotificationCallback: load 00007ff855060000 LB 0x0027d000 C:\WINDOWS\system32\combase.dll [fFlags=0x0]
64928d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust]
65028d0.327c: supR3HardenedDllNotificationCallback: load 00007ff8572d0000 LB 0x00156000 C:\WINDOWS\system32\USER32.dll [fFlags=0x0]
65128d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
65228d0.327c: supR3HardenedDllNotificationCallback: load 00007ff8554a0000 LB 0x00186000 C:\WINDOWS\system32\GDI32.dll [fFlags=0x0]
65328d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
65428d0.327c: supR3HardenedDllNotificationCallback: load 00007ff856dc0000 LB 0x00052000 C:\WINDOWS\system32\SHLWAPI.dll [fFlags=0x0]
65528d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
65628d0.327c: supR3HardenedDllNotificationCallback: load 00007ff853820000 LB 0x00029000 C:\WINDOWS\SYSTEM32\bcrypt.dll [fFlags=0x0]
65728d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
65828d0.327c: supR3HardenedDllNotificationCallback: load 00007ff84b5d0000 LB 0x00084000 C:\WINDOWS\SYSTEM32\WINSPOOL.DRV [fFlags=0x0]
65928d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [lacks WinVerifyTrust]
66028d0.327c: supR3HardenedDllNotificationCallback: load 0000000072770000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
66128d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
66228d0.327c: supR3HardenedDllNotificationCallback: load 0000000072850000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
66328d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
66428d0.327c: supR3HardenedDllNotificationCallback: load 00007ff856e20000 LB 0x0005b000 C:\WINDOWS\system32\sechost.dll [fFlags=0x0]
66528d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
66628d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
66728d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
66828d0.327c: supR3HardenedDllNotificationCallback: load 00007ff856cb0000 LB 0x000a7000 C:\WINDOWS\system32\ADVAPI32.dll [fFlags=0x0]
66928d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
67028d0.327c: supR3HardenedDllNotificationCallback: load 00007ff8552e0000 LB 0x00143000 C:\WINDOWS\system32\ole32.dll [fFlags=0x0]
67128d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
67228d0.327c: supR3HardenedDllNotificationCallback: load 00007ff853680000 LB 0x0002d000 C:\WINDOWS\SYSTEM32\SSPICLI.DLL [fFlags=0x0]
67328d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sspicli.dll [lacks WinVerifyTrust]
67428d0.327c: supR3HardenedDllNotificationCallback: load 00007ff832ee0000 LB 0x00062000 C:\Program Files\Manufacturer\Endpoint Agent\prntm64.dll [fFlags=0x0]
67528d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Manufacturer\Endpoint Agent\prntm64.dll [lacks WinVerifyTrust]
67628d0.327c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
67728d0.327c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
67828d0.327c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
67928d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
68028d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
68128d0.327c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
68228d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
68328d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
68428d0.327c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
68528d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
68628d0.327c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
68728d0.327c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
68828d0.327c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
68928d0.327c: supR3HardenedDllNotificationCallback: load 00007ff855460000 LB 0x0003b000 C:\WINDOWS\system32\IMM32.DLL [fFlags=0x0]
69028d0.327c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
69128d0.327c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff855460000 'C:\WINDOWS\system32\IMM32.DLL'
69228d0.327c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff832ee0000 'C:\Program Files\Manufacturer\Endpoint Agent\prntm64.dll'
69328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
69428d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #65 'user32.dll'.
69528d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #67 'gdi32.dll'.
69628d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll)
69728d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
69828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
69928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
70028d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
70128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
70228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
70328d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
70428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
70528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
70628d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
70728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
70828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
70928d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
71028d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
71128d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
71228d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
71328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
71428d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
71528d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll)
71628d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
71728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
71828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
71928d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
72028d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
72128d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
72228d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
72328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
72428d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
72528d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
72628d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
72728d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
72828d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
72928d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
73028d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
73128d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
73228d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)
73328d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
73428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
73528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
73628d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
73728d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
73828d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
73928d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
74028d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
74128d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
74228d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)
74328d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
74428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
74528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
74628d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
74728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
74828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
74928d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
75028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
75128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
75228d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
75328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
75428d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
75528d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
75628d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll)
75728d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
75828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
75928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
76028d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
76128d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
76228d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
76328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
76428d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
76528d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
76628d0.1a84: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll)
76728d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
76828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
76928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
77028d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
77128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
77228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
77328d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
77428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
77528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
77628d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
77728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
77828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
77928d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
78028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
78128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume2\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
78228d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
78328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
78428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
78528d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
78628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
78728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
78828d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust]
78928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
79028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
79128d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
79228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
79328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
79428d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
79528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
79628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
79728d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
79828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
79928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
80028d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
80128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
80228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
80328d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
80428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
80528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
80628d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
80728d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'user32.dll'.
80828d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'gdi32.dll'.
80928d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'dciman32.dll'.
81028d0.1a84: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll)
81128d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll
81228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
81328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
81428d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
81528d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
81628d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
81728d0.1a84: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\glu32.dll)
81828d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
81928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
82028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
82128d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
82228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
82328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
82428d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
82528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
82628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
82728d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
82828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
82928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
83028d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
83128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
83228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
83328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
83428d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll)
83528d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
83628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
83728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
83828d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
83928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
84028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
84128d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
84228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
84328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
84428d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
84528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
84628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
84728d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
84828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
84928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
85028d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
85128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
85228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
85328d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
85428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
85528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
85628d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
85728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
85828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
85928d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
86028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
86128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
86228d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
86328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
86428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
86528d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
86628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
86728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
86828d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
86928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
87028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
87128d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]
87228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
87328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
87428d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
87528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
87628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
87728d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
87828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
87928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
88028d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
88128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
88228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
88328d0.1a84: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [lacks WinVerifyTrust]
88428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
88528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
88628d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
88728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
88828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
88928d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
89028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
89128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
89228d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
89328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
89428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
89528d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
89628d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'user32.dll'.
89728d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'shlwapi.dll'.
89828d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'gdi32.dll'.
89928d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'comctl32.dll'.
90028d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'shell32.dll'.
90128d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'firewallapi.dll'.
90228d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'netapi32.dll'.
90328d0.1a84: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll)
90428d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
90528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
90628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
90728d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
90828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
90928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
91028d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
91128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
91228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
91328d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
91428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
91528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
91628d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust]
91728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
91828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
91928d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
92028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
92128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
92228d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
92328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
92428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
92528d0.1a84: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
92628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
92728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
92828d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
92928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
93028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
93128d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
93228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
93328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
93428d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
93528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netapi32.dll'...
93628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'netapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\netapi32.dll' [rcNtRedir=0xc0150008]
93728d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
93828d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\netapi32.dll)
93928d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\netapi32.dll
94028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'firewallapi.dll'...
94128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'firewallapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\firewallapi.dll' [rcNtRedir=0xc0150008]
94228d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
94328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
94428d0.1a84: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\FirewallAPI.dll)
94528d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\FirewallAPI.dll
94628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
94728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
94828d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]
94928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
95028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
95128d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
95228d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
95328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
95428d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll)
95528d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll
95628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
95728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
95828d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
95928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
96028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
96128d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
96228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
96328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
96428d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
96528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
96628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
96728d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
96828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
96928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
97028d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
97128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
97228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
97328d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
97428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
97528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
97628d0.1a84: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
97728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
97828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
97928d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
98028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
98128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
98228d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
98328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
98428d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
98528d0.1a84: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll)
98628d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll
98728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
98828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
98928d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
99028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
99128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
99228d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
99328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
99428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
99528d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
99628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
99728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
99828d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
99928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
100028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
100128d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
100228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
100328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
100428d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
100528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
100628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
100728d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
100828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
100928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
101028d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
101128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
101228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
101328d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
101428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
101528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
101628d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
101728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
101828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
101928d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
102028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
102128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
102228d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
102328d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
102428d0.1a84: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust]
102528d0.1a84: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
102628d0.1a84: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
102728d0.1a84: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
102828d0.1a84: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust]
102928d0.1a84: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [lacks WinVerifyTrust]
103028d0.1a84: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
103128d0.1a84: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [lacks WinVerifyTrust]
103228d0.1a84: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [lacks WinVerifyTrust]
103328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
103428d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
103528d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
103628d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll)
103728d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll
103828d0.1a84: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmmbase.dll [lacks WinVerifyTrust]
103928d0.1a84: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [lacks WinVerifyTrust]
104028d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
104128d0.1a84: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\davhlpr.dll)
104228d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\davhlpr.dll
104328d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff838d70000 LB 0x00008000 C:\WINDOWS\SYSTEM32\DCIMAN32.dll [fFlags=0x0]
104428d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [lacks WinVerifyTrust]
104528d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff82db80000 LB 0x000fa000 C:\WINDOWS\SYSTEM32\DDRAW.dll [fFlags=0x0]
104628d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [lacks WinVerifyTrust]
104728d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff838bb0000 LB 0x0002e000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0]
104828d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [lacks WinVerifyTrust]
104928d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff82dc80000 LB 0x00129000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0]
105028d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
105128d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff8556e0000 LB 0x0006b000 C:\WINDOWS\system32\WS2_32.dll [fFlags=0x0]
105228d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
105328d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff825d00000 LB 0x0050f000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
105428d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
105528d0.1a84: supR3HardenedDllNotificationCallback: load 0000000072490000 LB 0x002de000 C:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
105628d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
105728d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff854780000 LB 0x000b5000 C:\WINDOWS\system32\shcore.dll [fFlags=0x0]
105828d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
105928d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'.
106028d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'combase.dll'.
106128d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\SHCore.dll)
106228d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\SHCore.dll
106328d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff843a40000 LB 0x000aa000 C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\COMCTL32.dll [fFlags=0x0]
106428d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll [lacks WinVerifyTrust]
106528d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff8546a0000 LB 0x00043000 C:\WINDOWS\system32\cfgmgr32.dll [fFlags=0x0]
106628d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll)
106728d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
106828d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff853b30000 LB 0x0000f000 C:\WINDOWS\system32\kernel.appcore.dll [fFlags=0x0]
106928d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcrt.dll'.
107028d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
107128d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll)
107228d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll
107328d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff853ae0000 LB 0x0004b000 C:\WINDOWS\system32\powrprof.dll [fFlags=0x0]
107428d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
107528d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
107628d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\powrprof.dll)
107728d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\powrprof.dll
107828d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff853ac0000 LB 0x00014000 C:\WINDOWS\system32\profapi.dll [fFlags=0x0]
107928d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
108028d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
108128d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff853dd0000 LB 0x00645000 C:\WINDOWS\system32\windows.storage.dll [fFlags=0x0]
108228d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
108328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
108428d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #59 'combase.dll'.
108528d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #66 'profapi.dll'.
108628d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\windows.storage.dll)
108728d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\windows.storage.dll
108828d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff855750000 LB 0x0155c000 C:\WINDOWS\system32\SHELL32.dll [fFlags=0x0]
108928d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]
109028d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff853b50000 LB 0x00086000 C:\WINDOWS\system32\FirewallAPI.dll [fFlags=0x0]
109128d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\FirewallAPI.dll [lacks WinVerifyTrust]
109228d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff8546f0000 LB 0x00017000 C:\WINDOWS\system32\NETAPI32.dll [fFlags=0x0]
109328d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\netapi32.dll [lacks WinVerifyTrust]
109428d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff84b550000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\DAVHLPR.DLL [fFlags=0x0]
109528d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\davhlpr.dll [lacks WinVerifyTrust]
109628d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff8571a0000 LB 0x0010b000 C:\WINDOWS\system32\COMDLG32.dll [fFlags=0x0]
109728d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll [lacks WinVerifyTrust]
109828d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff854900000 LB 0x000c1000 C:\WINDOWS\system32\OLEAUT32.dll [fFlags=0x0]
109928d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
110028d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff851fb0000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
110128d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmmbase.dll [lacks WinVerifyTrust]
110228d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff852010000 LB 0x00023000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
110328d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
110428d0.1a84: supR3HardenedDllNotificationCallback: load 000000006f460000 LB 0x0096c000 C:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
110528d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust]
110628d0.1a84: supR3HardenedDllNotificationCallback: load 00000000723b0000 LB 0x000dc000 C:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
110728d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [lacks WinVerifyTrust]
110828d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff825440000 LB 0x008c0000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
110928d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust]
111028d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
111128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
111228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
111328d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
111428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
111528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
111628d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust]
111728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
111828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
111928d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
112028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
112128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
112228d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
112328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
112428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
112528d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
112628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
112728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
112828d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
112928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
113028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
113128d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
113228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
113328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
113428d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
113528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
113628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
113728d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust]
113828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
113928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
114028d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
114128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
114228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
114328d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
114428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
114528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
114628d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
114728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
114828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
114928d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
115028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
115128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
115228d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
115328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
115428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
115528d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
115628d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
115728d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
115828d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
115928d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
116028d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
116128d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
116228d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
116328d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
116428d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
116528d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
116628d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
116728d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
116828d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
116928d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
117028d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
117128d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
117228d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
117328d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
117428d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
117528d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
117628d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
117728d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
117828d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
117928d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
118028d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
118128d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
118228d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
118328d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
118428d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
118528d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
118628d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
118728d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
118828d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
118928d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
119028d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
119128d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
119228d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
119328d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
119428d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
119528d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
119628d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
119728d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
119828d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
119928d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
120028d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
120128d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
120228d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
120328d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
120428d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
120528d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
120628d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
120728d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
120828d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
120928d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
121028d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
121128d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
121228d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
121328d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
121428d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
121528d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
121628d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
121728d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
121828d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
121928d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
122028d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
122128d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
122228d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
122328d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
122428d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
122528d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
122628d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825d00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
122728d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
122828d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
122928d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff855460000 'C:\WINDOWS\system32\imm32.dll'
123028d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
123128d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
123228d0.1a84: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\fwbase.dll)
123328d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\fwbase.dll
123428d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff852610000 LB 0x00032000 C:\WINDOWS\SYSTEM32\fwbase.dll [fFlags=0x0]
123528d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\fwbase.dll [lacks WinVerifyTrust]
123628d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff825440000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
123728d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
123828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
123928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
124028d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
124128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
124228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
124328d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
124428d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
124528d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff852010000 'C:\WINDOWS\system32\winmm.dll'
124628d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
124728d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'.
124828d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'user32.dll'.
124928d0.1a84: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll)
125028d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
125128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
125228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
125328d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
125428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
125528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
125628d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
125728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
125828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
125928d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
126028d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
126128d0.1a84: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
126228d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff852170000 LB 0x00096000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
126328d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
126428d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff852170000 'C:\WINDOWS\system32\uxtheme.dll'
126528d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff857040000 LB 0x0015a000 C:\WINDOWS\system32\MSCTF.dll [fFlags=0x0]
126628d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
126728d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
126828d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'.
126928d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'imm32.dll'.
127028d0.1a84: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
127128d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
127228d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
127328d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'user32.dll'.
127428d0.1a84: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'gdi32.dll'.
127528d0.1a84: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll)
127628d0.1a84: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
127728d0.1a84: supR3HardenedDllNotificationCallback: load 00007ff8519e0000 LB 0x00022000 C:\WINDOWS\system32\dwmapi.dll [fFlags=0x0]
127828d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [lacks WinVerifyTrust]
127928d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]
128028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
128128d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
128228d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
128328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
128428d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
128528d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
128628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
128728d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
128828d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
128928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
129028d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
129128d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
129228d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
129328d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
129428d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
129528d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
129628d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
129728d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
129828d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
129928d0.1a84: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
130028d0.1a84: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
130128d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
130228d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff855750000 'C:\WINDOWS\system32\shell32.dll'
130328d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
130428d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
130528d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8549d0000 'C:\WINDOWS\system32\kernel32.dll'
130628d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
130728d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
130828d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff852170000 'C:\WINDOWS\system32\uxtheme.dll'
130928d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
131028d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
131128d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff852170000 'C:\WINDOWS\system32\uxtheme.dll'
131228d0.1a84: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
131328d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
131428d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\WINDOWS\system32\wintab32.dll'
131528d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
131628d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8572d0000 'C:\WINDOWS\system32\user32.dll'
131728d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
131828d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
131928d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff852170000 'C:\WINDOWS\system32\uxtheme.dll'
132028d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
132128d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8572d0000 'C:\WINDOWS\system32\user32.dll'
132228d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
132328d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8554a0000 'C:\WINDOWS\system32\gdi32.dll'
132428d0.1a84: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
132528d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
132628d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\WINDOWS\system32\wintab32.dll'
132728d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
132828d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8572d0000 'C:\WINDOWS\system32\user32.dll'
132928d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
133028d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
133128d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8549d0000 'C:\WINDOWS\system32\kernel32.dll'
133228d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
133328d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff856e80000 'C:\WINDOWS\system32\rpcrt4.dll'
133428d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust]
133528d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
133628d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff857040000 'C:\WINDOWS\system32\MSCTF.dll'
133728d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
133828d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
133928d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'devobj.dll'.
134028d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'propsys.dll'.
134128d0.1cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll)
134228d0.1cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
134328d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
134428d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'cfgmgr32.dll'.
134528d0.1cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\devobj.dll)
134628d0.1cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
134728d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
134828d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
134928d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
135028d0.1cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\propsys.dll)
135128d0.1cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\propsys.dll
135228d0.1cd8: supR3HardenedDllNotificationCallback: load 00007ff852280000 LB 0x00027000 C:\WINDOWS\SYSTEM32\DEVOBJ.dll [fFlags=0x0]
135328d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll [lacks WinVerifyTrust]
135428d0.1cd8: supR3HardenedDllNotificationCallback: load 00007ff84f180000 LB 0x00186000 C:\WINDOWS\SYSTEM32\PROPSYS.dll [fFlags=0x0]
135528d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\propsys.dll [lacks WinVerifyTrust]
135628d0.1cd8: supR3HardenedDllNotificationCallback: load 00007ff84ec70000 LB 0x00070000 C:\WINDOWS\SYSTEM32\MMDevAPI.DLL [fFlags=0x0]
135728d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
135828d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
135928d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'ksuser.dll'.
136028d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'.
136128d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'winmm.dll'.
136228d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'avrt.dll'.
136328d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'mmdevapi.dll'.
136428d0.1cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wdmaud.drv)
136528d0.1cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
136628d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
136728d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
136828d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
136928d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
137028d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
137128d0.1cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\avrt.dll)
137228d0.1cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\avrt.dll
137328d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
137428d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
137528d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
137628d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
137728d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
137828d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
137928d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
138028d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume2\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
138128d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
138228d0.1cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ksuser.dll)
138328d0.1cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ksuser.dll
138428d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
138528d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
138628d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
138728d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
138828d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
138928d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
139028d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
139128d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
139228d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
139328d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
139428d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
139528d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
139628d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
139728d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
139828d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
139928d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
140028d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
140128d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
140228d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
140328d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume2\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
140428d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\propsys.dll [lacks WinVerifyTrust]
140528d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
140628d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
140728d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll [lacks WinVerifyTrust]
140828d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
140928d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
141028d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
141128d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
141228d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
141328d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
141428d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
141528d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
141628d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
141728d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
141828d0.1cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
141928d0.1cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll [lacks WinVerifyTrust]
142028d0.1cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\avrt.dll [lacks WinVerifyTrust]
142128d0.1cd8: supR3HardenedDllNotificationCallback: load 00007ff84bc90000 LB 0x00008000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0]
142228d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll [lacks WinVerifyTrust]
142328d0.1cd8: supR3HardenedDllNotificationCallback: load 00007ff850950000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0]
142428d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\avrt.dll [lacks WinVerifyTrust]
142528d0.1cd8: supR3HardenedDllNotificationCallback: load 00007ff84bca0000 LB 0x00042000 C:\WINDOWS\system32\wdmaud.drv [fFlags=0x0]
142628d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
142728d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84bca0000 'C:\WINDOWS\system32\wdmaud.drv'
142828d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
142928d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
143028d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84bca0000 'C:\WINDOWS\system32\wdmaud.drv'
143128d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
143228d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
143328d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ec70000 'C:\WINDOWS\system32\MMDEVAPI.DLL'
143428d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
143528d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
143628d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84bca0000 'C:\WINDOWS\system32\wdmaud.drv'
143728d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
143828d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
143928d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84bca0000 'C:\WINDOWS\system32\wdmaud.drv'
144028d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
144128d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
144228d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84bca0000 'C:\WINDOWS\system32\wdmaud.drv'
144328d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
144428d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
144528d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
144628d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'mmdevapi.dll'.
144728d0.1cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\AudioSes.dll)
144828d0.1cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
144928d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
145028d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
145128d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
145228d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
145328d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
145428d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
145528d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
145628d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
145728d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
145828d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
145928d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
146028d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
146128d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
146228d0.1cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll [lacks WinVerifyTrust]
146328d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
146428d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'combase.dll'.
146528d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
146628d0.1cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\WinTypes.dll)
146728d0.1cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\WinTypes.dll
146828d0.1cd8: supR3HardenedDllNotificationCallback: load 00007ff84ed30000 LB 0x00136000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0]
146928d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\WinTypes.dll [lacks WinVerifyTrust]
147028d0.1cd8: supR3HardenedDllNotificationCallback: load 00007ff84bc00000 LB 0x00088000 C:\WINDOWS\system32\AUDIOSES.DLL [fFlags=0x0]
147128d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll [lacks WinVerifyTrust]
147228d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84bc00000 'C:\WINDOWS\system32\AUDIOSES.DLL'
147328d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
147428d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
147528d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
147628d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
147728d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
147828d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
147928d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust]
148028d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
148128d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
148228d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
148328d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
148428d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84bca0000 'C:\WINDOWS\system32\wdmaud.drv'
148528d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
148628d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
148728d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84bca0000 'C:\WINDOWS\system32\wdmaud.drv'
148828d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
148928d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84bca0000 'C:\WINDOWS\system32\wdmaud.drv'
149028d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
149128d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84bca0000 'C:\WINDOWS\system32\wdmaud.drv'
149228d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
149328d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84bca0000 'C:\WINDOWS\system32\wdmaud.drv'
149428d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
149528d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84bca0000 'C:\WINDOWS\system32\wdmaud.drv'
149628d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
149728d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'.
149828d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msacm32.dll'.
149928d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'user32.dll'.
150028d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmm.dll'.
150128d0.1cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msacm32.drv)
150228d0.1cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.drv
150328d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
150428d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
150528d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
150628d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
150728d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
150828d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
150928d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
151028d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
151128d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
151228d0.1cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msacm32.dll)
151328d0.1cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.dll
151428d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
151528d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
151628d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
151728d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
151828d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
151928d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
152028d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
152128d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
152228d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
152328d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
152428d0.1cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
152528d0.1cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll [lacks WinVerifyTrust]
152628d0.1cd8: supR3HardenedDllNotificationCallback: load 00007ff84ba40000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0]
152728d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll [lacks WinVerifyTrust]
152828d0.1cd8: supR3HardenedDllNotificationCallback: load 00007ff84ba60000 LB 0x0000c000 C:\WINDOWS\system32\msacm32.drv [fFlags=0x0]
152928d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
153028d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ba60000 'C:\WINDOWS\system32\msacm32.drv'
153128d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
153228d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
153328d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ba60000 'C:\WINDOWS\system32\msacm32.drv'
153428d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
153528d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
153628d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ba60000 'C:\WINDOWS\system32\msacm32.drv'
153728d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
153828d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
153928d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ba60000 'C:\WINDOWS\system32\msacm32.drv'
154028d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
154128d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
154228d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ba60000 'C:\WINDOWS\system32\msacm32.drv'
154328d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
154428d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
154528d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ba60000 'C:\WINDOWS\system32\msacm32.drv'
154628d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
154728d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
154828d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ba60000 'C:\WINDOWS\system32\msacm32.drv'
154928d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
155028d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ba60000 'C:\WINDOWS\system32\msacm32.drv'
155128d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
155228d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ba60000 'C:\WINDOWS\system32\msacm32.drv'
155328d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
155428d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ba60000 'C:\WINDOWS\system32\msacm32.drv'
155528d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
155628d0.1cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'winmm.dll'.
155728d0.1cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\midimap.dll)
155828d0.1cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\midimap.dll
155928d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
156028d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
156128d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
156228d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
156328d0.1cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
156428d0.1cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
156528d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
156628d0.1cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust]
156728d0.1cd8: supR3HardenedDllNotificationCallback: load 00007ff84ba30000 LB 0x0000a000 C:\WINDOWS\system32\midimap.dll [fFlags=0x0]
156828d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust]
156928d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ba30000 'C:\WINDOWS\system32\midimap.dll'
157028d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust]
157128d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
157228d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ba30000 'C:\WINDOWS\system32\midimap.dll'
157328d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust]
157428d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
157528d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ba30000 'C:\WINDOWS\system32\midimap.dll'
157628d0.1cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust]
157728d0.1cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
157828d0.1cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ba30000 'C:\WINDOWS\system32\midimap.dll'
157928d0.bec: supR3HardenedDllNotificationCallback: load 00007ff855630000 LB 0x000a7000 C:\WINDOWS\system32\clbcatq.dll [fFlags=0x0]
158028d0.bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
158128d0.bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
158228d0.bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll)
158328d0.bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
158428d0.bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
158528d0.bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
158628d0.bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
158728d0.bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
158828d0.bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
158928d0.bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
159028d0.bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
159128d0.bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
159228d0.bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84ec70000 'C:\WINDOWS\System32\MMDevApi.dll'
159328d0.1a84: supR3HardenedMonitor_LdrLoadDll: 'C:\WINDOWS\system32\comctl32.dll' -> 'C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll' [redir]
159428d0.1a84: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll [lacks WinVerifyTrust]
159528d0.1a84: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll (Input=C:\WINDOWS\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
159628d0.1a84: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff843a40000 'C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll'
159716e4.2678: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 24041 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy