VirtualBox

Ticket #17904: VBoxHardening-Broken.log

File VBoxHardening-Broken.log, 191.8 KB (added by LhasaHelp, 6 years ago)

Hardening of not working machine

Line 
11258.128c: Log file opened: 5.2.16r123759 g_hStartupLog=00000000000001b4 g_uNtVerCombined=0xa03fab00
21258.128c: \SystemRoot\System32\ntdll.dll:
31258.128c: CreationTime: 2017-09-29T13:41:43.343111100Z
41258.128c: LastWriteTime: 2017-09-29T13:41:43.358737200Z
51258.128c: ChangeTime: 2018-06-18T13:19:38.723299900Z
61258.128c: FileAttributes: 0x20
71258.128c: Size: 0x1dd100
81258.128c: NT Headers: 0xe0
91258.128c: Timestamp: 0x493793ea
101258.128c: Machine: 0x8664 - amd64
111258.128c: Timestamp: 0x493793ea
121258.128c: Image Version: 10.0
131258.128c: SizeOfImage: 0x1e0000 (1966080)
141258.128c: Resource Dir: 0x174000 LB 0x6a1d8
151258.128c: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
161258.128c: [Raw version resource data: 0x1740f0 LB 0x380, codepage 0x0 (reserved 0x0)]
171258.128c: ProductName: Microsoft® Windows® Operating System
181258.128c: ProductVersion: 10.0.16299.15
191258.128c: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
201258.128c: FileDescription: NT Layer DLL
211258.128c: \SystemRoot\System32\kernel32.dll:
221258.128c: CreationTime: 2017-09-29T13:42:04.954227600Z
231258.128c: LastWriteTime: 2017-09-29T13:42:04.954227600Z
241258.128c: ChangeTime: 2018-06-18T13:25:48.340024800Z
251258.128c: FileAttributes: 0x20
261258.128c: Size: 0xab868
271258.128c: NT Headers: 0xe8
281258.128c: Timestamp: 0xc2cf900
291258.128c: Machine: 0x8664 - amd64
301258.128c: Timestamp: 0xc2cf900
311258.128c: Image Version: 10.0
321258.128c: SizeOfImage: 0xae000 (712704)
331258.128c: Resource Dir: 0xac000 LB 0x520
341258.128c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
351258.128c: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
361258.128c: ProductName: Microsoft® Windows® Operating System
371258.128c: ProductVersion: 10.0.16299.15
381258.128c: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
391258.128c: FileDescription: Windows NT BASE API Client DLL
401258.128c: \SystemRoot\System32\KernelBase.dll:
411258.128c: CreationTime: 2017-09-29T13:41:43.124345500Z
421258.128c: LastWriteTime: 2017-09-29T13:41:43.124345500Z
431258.128c: ChangeTime: 2018-06-18T13:25:49.084694300Z
441258.128c: FileAttributes: 0x20
451258.128c: Size: 0x266000
461258.128c: NT Headers: 0xf0
471258.128c: Timestamp: 0x4736733c
481258.128c: Machine: 0x8664 - amd64
491258.128c: Timestamp: 0x4736733c
501258.128c: Image Version: 10.0
511258.128c: SizeOfImage: 0x266000 (2514944)
521258.128c: Resource Dir: 0x245000 LB 0x548
531258.128c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
541258.128c: [Raw version resource data: 0x2450b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
551258.128c: ProductName: Microsoft® Windows® Operating System
561258.128c: ProductVersion: 10.0.16299.15
571258.128c: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
581258.128c: FileDescription: Windows NT BASE API Client DLL
591258.128c: \SystemRoot\System32\apisetschema.dll:
601258.128c: CreationTime: 2017-09-29T13:42:07.095026600Z
611258.128c: LastWriteTime: 2017-09-29T13:42:07.095026600Z
621258.128c: ChangeTime: 2018-06-18T13:19:27.815880800Z
631258.128c: FileAttributes: 0x20
641258.128c: Size: 0x1b398
651258.128c: NT Headers: 0xc8
661258.128c: Timestamp: 0xf30abf31
671258.128c: Machine: 0x8664 - amd64
681258.128c: Timestamp: 0xf30abf31
691258.128c: Image Version: 10.0
701258.128c: SizeOfImage: 0x1c000 (114688)
711258.128c: Resource Dir: 0x1b000 LB 0x408
721258.128c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
731258.128c: [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
741258.128c: ProductName: Microsoft® Windows® Operating System
751258.128c: ProductVersion: 10.0.16299.15
761258.128c: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
771258.128c: FileDescription: ApiSet Schema DLL
781258.128c: NtOpenDirectoryObject failed on \Driver: 0xc0000022
791258.128c: supR3HardenedWinFindAdversaries: 0x20
801258.128c: \SystemRoot\System32\drivers\mfeavfk.sys:
811258.128c: CreationTime: 2018-07-30T15:38:55.431527800Z
821258.128c: LastWriteTime: 2018-07-30T15:38:55.431527800Z
831258.128c: ChangeTime: 2018-07-30T15:38:57.119784000Z
841258.128c: FileAttributes: 0x20
851258.128c: Size: 0x56de8
861258.128c: NT Headers: 0xf8
871258.128c: Timestamp: 0x59ceade6
881258.128c: Machine: 0x8664 - amd64
891258.128c: Timestamp: 0x59ceade6
901258.128c: Image Version: 0.0
911258.128c: SizeOfImage: 0x57000 (356352)
921258.128c: Resource Dir: 0x55000 LB 0x750
931258.128c: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
941258.128c: [Raw version resource data: 0x55110 LB 0x32c, codepage 0x0 (reserved 0x0)]
951258.128c: ProductName: SYSCORE
961258.128c: ProductVersion: 15.7.0.665
971258.128c: FileVersion: SYSCORE.15.7.0.665
981258.128c: PrivateBuild: SYSCORE.15.7.0.665 F15,F16,F19
991258.128c: FileDescription: Anti-Virus File System Filter Driver
1001258.128c: \SystemRoot\System32\drivers\mfefirek.sys:
1011258.128c: CreationTime: 2018-07-30T15:38:55.478414000Z
1021258.128c: LastWriteTime: 2018-07-30T15:38:55.478414000Z
1031258.128c: ChangeTime: 2018-07-30T15:38:57.260456100Z
1041258.128c: FileAttributes: 0x20
1051258.128c: Size: 0x7b9e8
1061258.128c: NT Headers: 0xe0
1071258.128c: Timestamp: 0x59ceaea4
1081258.128c: Machine: 0x8664 - amd64
1091258.128c: Timestamp: 0x59ceaea4
1101258.128c: Image Version: 0.0
1111258.128c: SizeOfImage: 0x7d000 (512000)
1121258.128c: Resource Dir: 0x79000 LB 0x380
1131258.128c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1141258.128c: [Raw version resource data: 0x79060 LB 0x320, codepage 0x0 (reserved 0x0)]
1151258.128c: ProductName: SYSCORE
1161258.128c: ProductVersion: 15.7.0.665
1171258.128c: FileVersion: SYSCORE.15.7.0.665
1181258.128c: PrivateBuild: SYSCORE.15.7.0.665 F17,F18
1191258.128c: FileDescription: McAfee Core Firewall Engine Driver
1201258.128c: \SystemRoot\System32\drivers\mfehidk.sys:
1211258.128c: CreationTime: 2018-07-30T15:38:55.384589700Z
1221258.128c: LastWriteTime: 2018-07-30T15:38:55.400261600Z
1231258.128c: ChangeTime: 2018-07-30T15:38:57.041658300Z
1241258.128c: FileAttributes: 0x20
1251258.128c: Size: 0xe51e8
1261258.128c: NT Headers: 0xf8
1271258.128c: Timestamp: 0x59cead55
1281258.128c: Machine: 0x8664 - amd64
1291258.128c: Timestamp: 0x59cead55
1301258.128c: Image Version: 0.0
1311258.128c: SizeOfImage: 0xf0000 (983040)
1321258.128c: Resource Dir: 0xec000 LB 0x750
1331258.128c: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1341258.128c: [Raw version resource data: 0xec110 LB 0x318, codepage 0x0 (reserved 0x0)]
1351258.128c: ProductName: SYSCORE
1361258.128c: ProductVersion: 15.7.0.665
1371258.128c: FileVersion: SYSCORE.15.7.0.665
1381258.128c: PrivateBuild: SYSCORE.15.7.0.665 F14,F15,F16,F18,F20
1391258.128c: FileDescription: McAfee Link Driver
1401258.128c: \SystemRoot\System32\drivers\mfencbdc.sys:
1411258.128c: CreationTime: 2017-09-27T04:48:08.000000000Z
1421258.128c: LastWriteTime: 2017-09-27T04:48:08.000000000Z
1431258.128c: ChangeTime: 2018-07-30T15:39:37.304355100Z
1441258.128c: FileAttributes: 0x20
1451258.128c: Size: 0x7b9d8
1461258.128c: NT Headers: 0xe8
1471258.128c: Timestamp: 0x59c4cc63
1481258.128c: Machine: 0x8664 - amd64
1491258.128c: Timestamp: 0x59c4cc63
1501258.128c: Image Version: 0.0
1511258.128c: SizeOfImage: 0x7f000 (520192)
1521258.128c: Resource Dir: 0x7d000 LB 0x3e0
1531258.128c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1541258.128c: [Raw version resource data: 0x7d060 LB 0x37c, codepage 0x0 (reserved 0x0)]
1551258.128c: ProductName: Anti-Malware Core
1561258.128c: ProductVersion: 1.5.0
1571258.128c: FileVersion: Anti-Malware Core.1.5.0.4156.x64
1581258.128c: PrivateBuild: Anti-Malware Core.1.5.0.4156.x64
1591258.128c: FileDescription: Event Driver
1601258.128c: \SystemRoot\System32\drivers\mfewfpk.sys:
1611258.128c: CreationTime: 2018-07-30T15:38:55.400261600Z
1621258.128c: LastWriteTime: 2018-07-30T15:38:55.400261600Z
1631258.128c: ChangeTime: 2018-07-30T15:38:56.463078600Z
1641258.128c: FileAttributes: 0x20
1651258.128c: Size: 0x3dbe8
1661258.128c: NT Headers: 0x100
1671258.128c: Timestamp: 0x59cead75
1681258.128c: Machine: 0x8664 - amd64
1691258.128c: Timestamp: 0x59cead75
1701258.128c: Image Version: 0.0
1711258.128c: SizeOfImage: 0x59000 (364544)
1721258.128c: Resource Dir: 0x57000 LB 0x378
1731258.128c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1741258.128c: [Raw version resource data: 0x57060 LB 0x318, codepage 0x0 (reserved 0x0)]
1751258.128c: ProductName: SYSCORE
1761258.128c: ProductVersion: 15.7.0.665
1771258.128c: FileVersion: SYSCORE.15.7.0.665
1781258.128c: PrivateBuild: SYSCORE.15.7.0.665 F17,F18
1791258.128c: FileDescription: Anti-Virus Mini-Firewall Driver
1801258.128c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
1811258.128c: Calling main()
1821258.128c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
1831258.128c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
1841258.128c: SUPR3HardenedMain: Respawn #1
1851258.128c: System32: \Device\HarddiskVolume3\Windows\System32
1861258.128c: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
1871258.128c: KnownDllPath: C:\WINDOWS\System32
1881258.128c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1891258.128c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
1901258.128c: supR3HardNtEnableThreadCreation:
1911258.128c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff9f43091b0 pvNtTerminateThread=00007ff9f4330890
1921258.128c: supR3HardenedWinDoReSpawn(1): New child 12e0.12e4 [kernel32].
1931258.128c: supR3HardNtChildGatherData: PebBaseAddress=0000000000cc0000 cbPeb=0x388
1941258.128c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff9f4290000 uNtDllChildAddr=00007ff9f4290000
1951258.128c: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff9f43091b0
1961258.128c: supR3HardenedWinSetupChildInit: Start child.
1971258.128c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
1981258.128c: supR3HardNtChildPurify: Startup delay kludge #1/0: 516 ms, 32 sleeps
1991258.128c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2001258.128c: *0000000000000000-0000000000a1ffff 0x0001/0x0000 0x0000000
2011258.128c: *0000000000a20000-0000000000a3ffff 0x0004/0x0004 0x0020000
2021258.128c: *0000000000a40000-0000000000a58fff 0x0002/0x0002 0x0040000
2031258.128c: 0000000000a59000-0000000000a5ffff 0x0001/0x0000 0x0000000
2041258.128c: *0000000000a60000-0000000000b5afff 0x0000/0x0004 0x0020000
2051258.128c: 0000000000b5b000-0000000000b5dfff 0x0104/0x0004 0x0020000
2061258.128c: 0000000000b5e000-0000000000b5ffff 0x0004/0x0004 0x0020000
2071258.128c: *0000000000b60000-0000000000b63fff 0x0002/0x0002 0x0040000
2081258.128c: 0000000000b64000-0000000000b6ffff 0x0001/0x0000 0x0000000
2091258.128c: *0000000000b70000-0000000000b70fff 0x0004/0x0004 0x0020000
2101258.128c: 0000000000b71000-0000000000bfffff 0x0001/0x0000 0x0000000
2111258.128c: *0000000000c00000-0000000000cbffff 0x0000/0x0004 0x0020000
2121258.128c: 0000000000cc0000-0000000000cc2fff 0x0004/0x0004 0x0020000
2131258.128c: 0000000000cc3000-0000000000dfffff 0x0000/0x0004 0x0020000
2141258.128c: 0000000000e00000-000000007ffdffff 0x0001/0x0000 0x0000000
2151258.128c: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
2161258.128c: *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
2171258.128c: 000000007fff0000-00007ff7a665ffff 0x0001/0x0000 0x0000000
2181258.128c: *00007ff7a6660000-00007ff7a6682fff 0x0002/0x0002 0x0040000
2191258.128c: 00007ff7a6683000-00007ff7a722ffff 0x0001/0x0000 0x0000000
2201258.128c: *00007ff7a7230000-00007ff7a7230fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2211258.128c: 00007ff7a7231000-00007ff7a72a1fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2221258.128c: 00007ff7a72a2000-00007ff7a72a2fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2231258.128c: 00007ff7a72a3000-00007ff7a72e8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2241258.128c: 00007ff7a72e9000-00007ff7a72e9fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2251258.128c: 00007ff7a72ea000-00007ff7a72eafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2261258.128c: 00007ff7a72eb000-00007ff7a72effff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2271258.128c: 00007ff7a72f0000-00007ff7a72f0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2281258.128c: 00007ff7a72f1000-00007ff7a72f1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2291258.128c: 00007ff7a72f2000-00007ff7a72f5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2301258.128c: 00007ff7a72f6000-00007ff7a733dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2311258.128c: 00007ff7a733e000-00007ff9f428ffff 0x0001/0x0000 0x0000000
2321258.128c: *00007ff9f4290000-00007ff9f4290fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2331258.128c: 00007ff9f4291000-00007ff9f43a2fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2341258.128c: 00007ff9f43a3000-00007ff9f43e8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2351258.128c: 00007ff9f43e9000-00007ff9f43f0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2361258.128c: 00007ff9f43f1000-00007ff9f43fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2371258.128c: 00007ff9f43ff000-00007ff9f43fffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2381258.128c: 00007ff9f4400000-00007ff9f4402fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2391258.128c: 00007ff9f4403000-00007ff9f446ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2401258.128c: 00007ff9f4470000-00007ffffffdffff 0x0001/0x0000 0x0000000
2411258.128c: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
2421258.128c: VirtualBox.exe: timestamp 0x5b4cb14e (rc=VINF_SUCCESS)
2431258.128c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2441258.128c: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
2451258.128c: supR3HardNtChildPurify: Done after 531 ms and 0 fixes (loop #0).
2461258.128c: supR3HardNtEnableThreadCreation:
24712e0.12e4: Log file opened: 5.2.16r123759 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa03fab00
24812e0.12e4: supR3HardenedVmProcessInit: uNtDllAddr=00007ff9f4290000 g_uNtVerCombined=0xa03fab00
24912e0.12e4: ntdll.dll: timestamp 0x493793ea (rc=VINF_SUCCESS)
25012e0.12e4: New simple heap: #1 0000000000f00000 LB 0x400000 (for 1966080 allocation)
25112e0.12e4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
25212e0.12e4: System32: \Device\HarddiskVolume3\Windows\System32
25312e0.12e4: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
25412e0.12e4: KnownDllPath: C:\WINDOWS\System32
25512e0.12e4: supR3HardenedVmProcessInit: Opening vboxdrv stub...
25612e0.12e4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
25712e0.12e4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
25812e0.12e4: Registered Dll notification callback with NTDLL.
25912e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
26012e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
26112e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
26212e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f0b10000 LB 0x00266000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
26312e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
26412e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
26512e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f41b0000 LB 0x000ae000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
26612e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
26712e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f41b0000 'C:\WINDOWS\System32\KERNEL32.DLL'
26812e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff7a7230000 LB 0x0010e000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
26912e0.12e4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
27012e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
27112e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
27212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
27312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
27412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'dnsapi.dll'.
27512e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\QIPCAP64.dll)
27612e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\QIPCAP64.dll
27712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dnsapi.dll'...
27812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dnsapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dnsapi.dll' [rcNtRedir=0xc0150008]
27912e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'ws2_32.dll'.
28012e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'nsi.dll'.
28112e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dnsapi.dll)
28212e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dnsapi.dll
28312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
28412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
28512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #73 'user32.dll'.
28712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #75 'gdi32.dll'.
28812e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll)
28912e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll
29012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
29112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
29212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
29412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
29512e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll)
29612e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll
29712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
29812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
29912e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
30012e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
30112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
30212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
30312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
30412e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
30512e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
30612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30812e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll)
30912e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
31012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
31112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
31212e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll)
31312e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll
31412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
31512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
31612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
31712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
31812e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll)
31912e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll
32012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
32112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
32212e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
32312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
32412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
32512e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll)
32612e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nsi.dll
32712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
32812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
32912e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
33012e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll)
33112e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
33212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
33312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
33412e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
33512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
33612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
33712e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
33812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
33912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
34012e0.12e4: '\Device\HarddiskVolume3\Windows\System32\win32u.dll' has no imports
34112e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\win32u.dll)
34212e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\win32u.dll
34312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
34412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
34512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
34612e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\QIPCAP64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34712e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\QIPCAP64.dll [lacks WinVerifyTrust]
34812e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dnsapi.dll [lacks WinVerifyTrust]
34912e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f3400000 LB 0x0009d000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
35012e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
35112e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f37e0000 LB 0x0011f000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
35212e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
35312e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f36c0000 LB 0x0005b000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
35412e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust]
35512e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f3610000 LB 0x000a1000 C:\WINDOWS\System32\ADVAPI32.dll [fFlags=0x0]
35612e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
35712e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f0690000 LB 0x000f6000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
35812e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll)
35912e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ucrtbase.dll
36012e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f0d80000 LB 0x0004a000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0]
36112e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll)
36212e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
36312e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f0860000 LB 0x00072000 C:\WINDOWS\System32\bcryptPrimitives.dll [fFlags=0x0]
36412e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll)
36512e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
36612e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f2fa0000 LB 0x00308000 C:\WINDOWS\System32\combase.dll [fFlags=0x0]
36712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
36812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'bcryptprimitives.dll'.
36912e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll)
37012e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll
37112e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f17e0000 LB 0x000a6000 C:\WINDOWS\System32\shcore.dll [fFlags=0x0]
37212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
37312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'rpcrt4.dll'.
37412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'combase.dll'.
37512e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll)
37612e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll
37712e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f0dd0000 LB 0x0009b000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0]
37812e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll)
37912e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
38012e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f0790000 LB 0x00020000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0]
38112e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
38212e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f3ae0000 LB 0x0018e000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0]
38312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
38412e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f15c0000 LB 0x00191000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0]
38512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
38612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'.
38712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'user32.dll'.
38812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'win32u.dll'.
38912e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32full.dll)
39012e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32full.dll
39112e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f1890000 LB 0x00028000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0]
39212e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
39312e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f3780000 LB 0x00051000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0]
39412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
39512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'gdi32.dll'.
39612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'user32.dll'.
39712e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll)
39812e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
39912e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f0630000 LB 0x00011000 C:\WINDOWS\System32\kernel.appcore.dll [fFlags=0x0]
40012e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
40112e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
40212e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll)
40312e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll
40412e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f05e0000 LB 0x0004c000 C:\WINDOWS\System32\powrprof.dll [fFlags=0x0]
40512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
40612e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\powrprof.dll)
40712e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\powrprof.dll
40812e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f0650000 LB 0x0001b000 C:\WINDOWS\System32\profapi.dll [fFlags=0x0]
40912e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll)
41012e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll
41112e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f0e70000 LB 0x00747000 C:\WINDOWS\System32\windows.storage.dll [fFlags=0x0]
41212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
41312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
41412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #55 'combase.dll'.
41512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #75 'profapi.dll'.
41612e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\windows.storage.dll)
41712e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\windows.storage.dll
41812e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f1a70000 LB 0x01437000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0]
41912e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
42012e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f2eb0000 LB 0x0006c000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
42112e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
42212e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f1a60000 LB 0x00008000 C:\WINDOWS\System32\NSI.dll [fFlags=0x0]
42312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll [lacks WinVerifyTrust]
42412e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9efc40000 LB 0x000b6000 C:\WINDOWS\SYSTEM32\DNSAPI.dll [fFlags=0x0]
42512e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dnsapi.dll [lacks WinVerifyTrust]
42612e0.12e4: supR3HardenedDllNotificationCallback: load 0000000068000000 LB 0x0005e000 C:\WINDOWS\System32\QIPCAP64.dll [fFlags=0x0]
42712e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\QIPCAP64.dll [lacks WinVerifyTrust]
42812e0.12e4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
42912e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
43012e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f0b10000 'api-ms-win-core-synch-l1-2-0'
43112e0.12e4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
43212e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
43312e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f0b10000 'api-ms-win-core-fibers-l1-1-1'
43412e0.12e4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
43512e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
43612e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f0b10000 'api-ms-win-core-fibers-l1-1-1'
43712e0.12e4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
43812e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
43912e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f0b10000 'api-ms-win-core-synch-l1-2-0'
44012e0.12e4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
44112e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
44212e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f0b10000 'api-ms-win-core-localization-l1-2-1'
44312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
44412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
44512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
44612e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust]
44712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
44812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
44912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
45012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
45112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
45212e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
45312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
45412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
45512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
45612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
45712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
45812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
45912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
46012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
46112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
46212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
46312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
46412e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
46512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
46612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
46712e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
46812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
46912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
47012e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
47112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
47212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
47312e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
47412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
47512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
47612e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
47712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
47812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
47912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
48012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
48112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
48212e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
48312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
48412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
48512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
48612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
48712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
48812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
48912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
49012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
49112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
49212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
49312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
49412e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
49512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
49612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
49712e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
49812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
49912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
50012e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
50112e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
50212e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f41b0000 'C:\WINDOWS\System32\kernel32.dll'
50312e0.12e4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
50412e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
50512e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f0b10000 'api-ms-win-core-string-l1-1-0'
50612e0.12e4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
50712e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
50812e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f0b10000 'api-ms-win-core-datetime-l1-1-1'
50912e0.12e4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
51012e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
51112e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f0b10000 'api-ms-win-core-localization-obsolete-l1-2-0'
51212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
51312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'win32u.dll'.
51412e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll)
51512e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll
51612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
51712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
51812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
51912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
52012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
52112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
52212e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
52312e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f3900000 LB 0x0002d000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0]
52412e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
52512e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3900000 'C:\WINDOWS\system32\IMM32.DLL'
52612e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL)
52712e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
52812e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9efc00000 LB 0x00039000 C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
52912e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL [lacks WinVerifyTrust]
53012e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000068000000 'C:\WINDOWS\System32\QIPCAP64.dll'
53112e0.12e4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff9f43091b0 pvNtTerminateThread=00007ff9f4330890
5321258.128c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 441 ms.
53312e0.12e4: \SystemRoot\System32\ntdll.dll:
53412e0.12e4: CreationTime: 2017-09-29T13:41:43.343111100Z
53512e0.12e4: LastWriteTime: 2017-09-29T13:41:43.358737200Z
53612e0.12e4: ChangeTime: 2018-06-18T13:19:38.723299900Z
53712e0.12e4: FileAttributes: 0x20
53812e0.12e4: Size: 0x1dd100
53912e0.12e4: NT Headers: 0xe0
54012e0.12e4: Timestamp: 0x493793ea
54112e0.12e4: Machine: 0x8664 - amd64
54212e0.12e4: Timestamp: 0x493793ea
54312e0.12e4: Image Version: 10.0
54412e0.12e4: SizeOfImage: 0x1e0000 (1966080)
54512e0.12e4: Resource Dir: 0x174000 LB 0x6a1d8
54612e0.12e4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
54712e0.12e4: [Raw version resource data: 0x1740f0 LB 0x380, codepage 0x0 (reserved 0x0)]
54812e0.12e4: ProductName: Microsoft® Windows® Operating System
54912e0.12e4: ProductVersion: 10.0.16299.15
55012e0.12e4: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
55112e0.12e4: FileDescription: NT Layer DLL
55212e0.12e4: \SystemRoot\System32\kernel32.dll:
55312e0.12e4: CreationTime: 2017-09-29T13:42:04.954227600Z
55412e0.12e4: LastWriteTime: 2017-09-29T13:42:04.954227600Z
55512e0.12e4: ChangeTime: 2018-06-18T13:25:48.340024800Z
55612e0.12e4: FileAttributes: 0x20
55712e0.12e4: Size: 0xab868
55812e0.12e4: NT Headers: 0xe8
55912e0.12e4: Timestamp: 0xc2cf900
56012e0.12e4: Machine: 0x8664 - amd64
56112e0.12e4: Timestamp: 0xc2cf900
56212e0.12e4: Image Version: 10.0
56312e0.12e4: SizeOfImage: 0xae000 (712704)
56412e0.12e4: Resource Dir: 0xac000 LB 0x520
56512e0.12e4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
56612e0.12e4: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
56712e0.12e4: ProductName: Microsoft® Windows® Operating System
56812e0.12e4: ProductVersion: 10.0.16299.15
56912e0.12e4: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
57012e0.12e4: FileDescription: Windows NT BASE API Client DLL
57112e0.12e4: \SystemRoot\System32\KernelBase.dll:
57212e0.12e4: CreationTime: 2017-09-29T13:41:43.124345500Z
57312e0.12e4: LastWriteTime: 2017-09-29T13:41:43.124345500Z
57412e0.12e4: ChangeTime: 2018-06-18T13:25:49.084694300Z
57512e0.12e4: FileAttributes: 0x20
57612e0.12e4: Size: 0x266000
57712e0.12e4: NT Headers: 0xf0
57812e0.12e4: Timestamp: 0x4736733c
57912e0.12e4: Machine: 0x8664 - amd64
58012e0.12e4: Timestamp: 0x4736733c
58112e0.12e4: Image Version: 10.0
58212e0.12e4: SizeOfImage: 0x266000 (2514944)
58312e0.12e4: Resource Dir: 0x245000 LB 0x548
58412e0.12e4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
58512e0.12e4: [Raw version resource data: 0x2450b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
58612e0.12e4: ProductName: Microsoft® Windows® Operating System
58712e0.12e4: ProductVersion: 10.0.16299.15
58812e0.12e4: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
58912e0.12e4: FileDescription: Windows NT BASE API Client DLL
59012e0.12e4: \SystemRoot\System32\apisetschema.dll:
59112e0.12e4: CreationTime: 2017-09-29T13:42:07.095026600Z
59212e0.12e4: LastWriteTime: 2017-09-29T13:42:07.095026600Z
59312e0.12e4: ChangeTime: 2018-06-18T13:19:27.815880800Z
59412e0.12e4: FileAttributes: 0x20
59512e0.12e4: Size: 0x1b398
59612e0.12e4: NT Headers: 0xc8
59712e0.12e4: Timestamp: 0xf30abf31
59812e0.12e4: Machine: 0x8664 - amd64
59912e0.12e4: Timestamp: 0xf30abf31
60012e0.12e4: Image Version: 10.0
60112e0.12e4: SizeOfImage: 0x1c000 (114688)
60212e0.12e4: Resource Dir: 0x1b000 LB 0x408
60312e0.12e4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
60412e0.12e4: [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
60512e0.12e4: ProductName: Microsoft® Windows® Operating System
60612e0.12e4: ProductVersion: 10.0.16299.15
60712e0.12e4: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
60812e0.12e4: FileDescription: ApiSet Schema DLL
60912e0.12e4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
61012e0.12e4: supR3HardenedWinFindAdversaries: 0x20
61112e0.12e4: \SystemRoot\System32\drivers\mfeavfk.sys:
61212e0.12e4: CreationTime: 2018-07-30T15:38:55.431527800Z
61312e0.12e4: LastWriteTime: 2018-07-30T15:38:55.431527800Z
61412e0.12e4: ChangeTime: 2018-07-30T15:38:57.119784000Z
61512e0.12e4: FileAttributes: 0x20
61612e0.12e4: Size: 0x56de8
61712e0.12e4: NT Headers: 0xf8
61812e0.12e4: Timestamp: 0x59ceade6
61912e0.12e4: Machine: 0x8664 - amd64
62012e0.12e4: Timestamp: 0x59ceade6
62112e0.12e4: Image Version: 0.0
62212e0.12e4: SizeOfImage: 0x57000 (356352)
62312e0.12e4: Resource Dir: 0x55000 LB 0x750
62412e0.12e4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
62512e0.12e4: [Raw version resource data: 0x55110 LB 0x32c, codepage 0x0 (reserved 0x0)]
62612e0.12e4: ProductName: SYSCORE
62712e0.12e4: ProductVersion: 15.7.0.665
62812e0.12e4: FileVersion: SYSCORE.15.7.0.665
62912e0.12e4: PrivateBuild: SYSCORE.15.7.0.665 F15,F16,F19
63012e0.12e4: FileDescription: Anti-Virus File System Filter Driver
63112e0.12e4: \SystemRoot\System32\drivers\mfefirek.sys:
63212e0.12e4: CreationTime: 2018-07-30T15:38:55.478414000Z
63312e0.12e4: LastWriteTime: 2018-07-30T15:38:55.478414000Z
63412e0.12e4: ChangeTime: 2018-07-30T15:38:57.260456100Z
63512e0.12e4: FileAttributes: 0x20
63612e0.12e4: Size: 0x7b9e8
63712e0.12e4: NT Headers: 0xe0
63812e0.12e4: Timestamp: 0x59ceaea4
63912e0.12e4: Machine: 0x8664 - amd64
64012e0.12e4: Timestamp: 0x59ceaea4
64112e0.12e4: Image Version: 0.0
64212e0.12e4: SizeOfImage: 0x7d000 (512000)
64312e0.12e4: Resource Dir: 0x79000 LB 0x380
64412e0.12e4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
64512e0.12e4: [Raw version resource data: 0x79060 LB 0x320, codepage 0x0 (reserved 0x0)]
64612e0.12e4: ProductName: SYSCORE
64712e0.12e4: ProductVersion: 15.7.0.665
64812e0.12e4: FileVersion: SYSCORE.15.7.0.665
64912e0.12e4: PrivateBuild: SYSCORE.15.7.0.665 F17,F18
65012e0.12e4: FileDescription: McAfee Core Firewall Engine Driver
65112e0.12e4: \SystemRoot\System32\drivers\mfehidk.sys:
65212e0.12e4: CreationTime: 2018-07-30T15:38:55.384589700Z
65312e0.12e4: LastWriteTime: 2018-07-30T15:38:55.400261600Z
65412e0.12e4: ChangeTime: 2018-07-30T15:38:57.041658300Z
65512e0.12e4: FileAttributes: 0x20
65612e0.12e4: Size: 0xe51e8
65712e0.12e4: NT Headers: 0xf8
65812e0.12e4: Timestamp: 0x59cead55
65912e0.12e4: Machine: 0x8664 - amd64
66012e0.12e4: Timestamp: 0x59cead55
66112e0.12e4: Image Version: 0.0
66212e0.12e4: SizeOfImage: 0xf0000 (983040)
66312e0.12e4: Resource Dir: 0xec000 LB 0x750
66412e0.12e4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
66512e0.12e4: [Raw version resource data: 0xec110 LB 0x318, codepage 0x0 (reserved 0x0)]
66612e0.12e4: ProductName: SYSCORE
66712e0.12e4: ProductVersion: 15.7.0.665
66812e0.12e4: FileVersion: SYSCORE.15.7.0.665
66912e0.12e4: PrivateBuild: SYSCORE.15.7.0.665 F14,F15,F16,F18,F20
67012e0.12e4: FileDescription: McAfee Link Driver
67112e0.12e4: \SystemRoot\System32\drivers\mfencbdc.sys:
67212e0.12e4: CreationTime: 2017-09-27T04:48:08.000000000Z
67312e0.12e4: LastWriteTime: 2017-09-27T04:48:08.000000000Z
67412e0.12e4: ChangeTime: 2018-07-30T15:39:37.304355100Z
67512e0.12e4: FileAttributes: 0x20
67612e0.12e4: Size: 0x7b9d8
67712e0.12e4: NT Headers: 0xe8
67812e0.12e4: Timestamp: 0x59c4cc63
67912e0.12e4: Machine: 0x8664 - amd64
68012e0.12e4: Timestamp: 0x59c4cc63
68112e0.12e4: Image Version: 0.0
68212e0.12e4: SizeOfImage: 0x7f000 (520192)
68312e0.12e4: Resource Dir: 0x7d000 LB 0x3e0
68412e0.12e4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
68512e0.12e4: [Raw version resource data: 0x7d060 LB 0x37c, codepage 0x0 (reserved 0x0)]
68612e0.12e4: ProductName: Anti-Malware Core
68712e0.12e4: ProductVersion: 1.5.0
68812e0.12e4: FileVersion: Anti-Malware Core.1.5.0.4156.x64
68912e0.12e4: PrivateBuild: Anti-Malware Core.1.5.0.4156.x64
69012e0.12e4: FileDescription: Event Driver
69112e0.12e4: \SystemRoot\System32\drivers\mfewfpk.sys:
69212e0.12e4: CreationTime: 2018-07-30T15:38:55.400261600Z
69312e0.12e4: LastWriteTime: 2018-07-30T15:38:55.400261600Z
69412e0.12e4: ChangeTime: 2018-07-30T15:38:56.463078600Z
69512e0.12e4: FileAttributes: 0x20
69612e0.12e4: Size: 0x3dbe8
69712e0.12e4: NT Headers: 0x100
69812e0.12e4: Timestamp: 0x59cead75
69912e0.12e4: Machine: 0x8664 - amd64
70012e0.12e4: Timestamp: 0x59cead75
70112e0.12e4: Image Version: 0.0
70212e0.12e4: SizeOfImage: 0x59000 (364544)
70312e0.12e4: Resource Dir: 0x57000 LB 0x378
70412e0.12e4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
70512e0.12e4: [Raw version resource data: 0x57060 LB 0x318, codepage 0x0 (reserved 0x0)]
70612e0.12e4: ProductName: SYSCORE
70712e0.12e4: ProductVersion: 15.7.0.665
70812e0.12e4: FileVersion: SYSCORE.15.7.0.665
70912e0.12e4: PrivateBuild: SYSCORE.15.7.0.665 F17,F18
71012e0.12e4: FileDescription: Anti-Virus Mini-Firewall Driver
71112e0.12e4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
71212e0.12e4: Calling main()
71312e0.12e4: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
71412e0.12e4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
71512e0.12e4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
71612e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
71712e0.12e4: SUPR3HardenedMain: Respawn #2
71812e0.12e4: Error (rc=-5640):
71912e0.12e4: More than one thread in process
72012e0.12e4: Error -5640 in supR3HardenedWinReSpawn! (enmWhat=1)
72112e0.12e4: More than one thread in process
72212e0.12e4: supR3HardNtEnableThreadCreation:
72312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
72412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
72512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
72612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
72712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
72812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'.
72912e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'.
73012e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'.
73112e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
73212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
73312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
73412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
73512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
73612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
73712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
73812e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll)
73912e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll
74012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
74112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
74212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
74312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
74412e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll)
74512e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll
74612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
74712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
74812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
74912e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
75012e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
75112e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll)
75212e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
75312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
75412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
75512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
75612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'gdi32.dll'.
75712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'user32.dll'.
75812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #48 'combase.dll'.
75912e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll)
76012e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll
76112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
76212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
76312e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
76412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
76512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
76612e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
76712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
76812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
76912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
77012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
77112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
77212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
77312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
77412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
77512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
77612e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll)
77712e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
77812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'...
77912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008]
78012e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
78112e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
78212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'.
78312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
78412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
78512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
78612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'.
78712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'.
78812e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll)
78912e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
79012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
79112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
79212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
79312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
79412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
79512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
79612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
79712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
79812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
79912e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
80012e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
80112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
80212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
80312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
80412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
80512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
80612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
80712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
80812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
80912e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
81012e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
81112e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
81212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
81312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
81412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
81512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
81612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
81712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
81812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
81912e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
82012e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
82112e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
82212e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
82312e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
82412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
82512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
82612e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll)
82712e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
82812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
82912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
83012e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
83112e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll)
83212e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
83312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
83412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
83512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
83612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
83712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
83812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
83912e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll)
84012e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
84112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
84212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
84312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
84412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
84512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
84612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
84712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'.
84812e0.12e4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\opengl32.dll)
84912e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\opengl32.dll
85012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
85112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
85212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
85312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
85412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
85512e0.12e4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\glu32.dll)
85612e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\glu32.dll
85712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
85812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
85912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
86012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
86112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
86212e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
86312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
86412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
86512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
86612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
86712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
86812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
86912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
87012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
87112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
87212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
87312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
87412e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
87512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
87612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
87712e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
87812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
87912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
88012e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
88112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
88212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
88312e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
88412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
88512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
88612e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
88712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
88812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
88912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
89012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
89112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
89212e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mpr.dll)
89312e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mpr.dll
89412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
89512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
89612e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
89712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
89812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
89912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
90012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
90112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
90212e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust]
90312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
90412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
90512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
90612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
90712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
90812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
90912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
91012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
91112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
91212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
91312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
91412e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
91512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
91612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
91712e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
91812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
91912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
92012e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
92112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
92212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
92312e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
92412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
92512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
92612e0.12e4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
92712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
92812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
92912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust]
93012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
93112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
93212e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
93312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
93412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
93512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
93612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
93712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
93812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
93912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
94012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
94112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
94212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
94312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
94412e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
94512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
94612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
94712e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
94812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
94912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
95012e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
95112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
95212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
95312e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
95412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
95512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
95612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
95712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'user32.dll'.
95812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'shlwapi.dll'.
95912e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'.
96012e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'comctl32.dll'.
96112e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'shell32.dll'.
96212e0.12e4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\comdlg32.dll)
96312e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
96412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
96512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume3\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
96612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
96712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'iphlpapi.dll'.
96812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'bcrypt.dll'.
96912e0.12e4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\winspool.drv)
97012e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winspool.drv
97112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
97212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
97312e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
97412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
97512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
97612e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
97712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
97812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
97912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
98012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
98112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
98212e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
98312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
98412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
98512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
98612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
98712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
98812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
98912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
99012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
99112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
99212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
99312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
99412e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
99512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
99612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
99712e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
99812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
99912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
100012e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
100112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
100212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
100312e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
100412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
100512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
100612e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
100712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
100812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
100912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
101012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
101112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
101212e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
101312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
101412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
101512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
101612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
101712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
101812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
101912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
102012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
102112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
102212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
102312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
102412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
102512e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmmbase.dll)
102612e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmmbase.dll
102712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
102812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
102912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
103012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
103112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
103212e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll)
103312e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
103412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
103512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
103612e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL [lacks WinVerifyTrust]
103712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
103812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
103912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
104012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
104112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
104212e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
104312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
104412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
104512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
104612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
104712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
104812e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\comctl32.dll)
104912e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comctl32.dll
105012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
105112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
105212e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
105312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
105412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
105512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
105612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
105712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
105812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
105912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
106012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
106112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
106212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
106312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
106412e0.12e4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
106512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
106612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
106712e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
106812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
106912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
107012e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
107112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
107212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
107312e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
107412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
107512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
107612e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
107712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
107812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
107912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
108012e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
108112e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust]
108212e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
108312e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
108412e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
108512e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
108612e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
108712e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
108812e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
108912e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [lacks WinVerifyTrust]
109012e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust]
109112e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
109212e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [lacks WinVerifyTrust]
109312e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [lacks WinVerifyTrust]
109412e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\winspool.drv [lacks WinVerifyTrust]
109512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
109612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
109712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
109812e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.15_none_e47c14a8033886fc\comctl32.dll)
109912e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.15_none_e47c14a8033886fc\comctl32.dll
110012e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [lacks WinVerifyTrust]
110112e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
110212e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9e04b0000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0]
110312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [lacks WinVerifyTrust]
110412e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9e0b60000 LB 0x0011e000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0]
110512e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
110612e0.12e4: supR3HardenedDllNotificationCallback: load 00000000540f0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
110712e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
110812e0.12e4: supR3HardenedDllNotificationCallback: load 0000000054050000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
110912e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
111012e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9bb710000 LB 0x00595000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
111112e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
111212e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f32b0000 LB 0x00149000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0]
111312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust]
111412e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9e17e0000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0]
111512e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [lacks WinVerifyTrust]
111612e0.12e4: supR3HardenedDllNotificationCallback: load 0000000053ae0000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
111712e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
111812e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9ba700000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
111912e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
112012e0.12e4: supR3HardenedDllNotificationCallback: load 0000000053570000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
112112e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
112212e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f0140000 LB 0x00025000 C:\WINDOWS\SYSTEM32\bcrypt.dll [fFlags=0x0]
112312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
112412e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9e9670000 LB 0x00086000 C:\WINDOWS\SYSTEM32\WINSPOOL.DRV [fFlags=0x0]
112512e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\winspool.drv [lacks WinVerifyTrust]
112612e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9d1d50000 LB 0x000a6000 C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.15_none_e47c14a8033886fc\COMCTL32.dll [fFlags=0x0]
112712e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.15_none_e47c14a8033886fc\comctl32.dll [lacks WinVerifyTrust]
112812e0.12e4: supR3HardenedDllNotificationCallback: load 0000000005130000 LB 0x0010a000 C:\WINDOWS\System32\COMDLG32.dll [fFlags=0x0]
112912e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\comdlg32.dll [lacks WinVerifyTrust]
113012e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9ce9e0000 LB 0x00051000 C:\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [fFlags=0x0]
113112e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [lacks WinVerifyTrust]
113212e0.12e4: supR3HardenedDllNotificationCallback: load 0000000053510000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
113312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust]
113412e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f3c90000 LB 0x000c5000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0]
113512e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
113612e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9ece00000 LB 0x0002a000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
113712e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [lacks WinVerifyTrust]
113812e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9ed280000 LB 0x00023000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
113912e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
114012e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9bad00000 LB 0x00a06000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
114112e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust]
114212e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
114312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
114412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
114512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
114612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
114712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
114812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
114912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
115012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
115112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
115212e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
115312e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
115412e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
115512e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
115612e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
115712e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
115812e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
115912e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
116012e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
116112e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
116212e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
116312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
116412e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
116512e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
116612e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
116712e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
116812e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
116912e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
117012e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
117112e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
117212e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
117312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
117412e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
117512e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
117612e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
117712e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
117812e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
117912e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
118012e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
118112e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
118212e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
118312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
118412e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
118512e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
118612e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
118712e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
118812e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
118912e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
119012e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
119112e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
119212e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
119312e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
119412e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
119512e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
119612e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
119712e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
119812e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
119912e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
120012e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
120112e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
120212e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
120312e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
120412e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
120512e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
120612e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
120712e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
120812e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
120912e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
121012e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
121112e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
121212e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
121312e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
121412e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
121512e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
121612e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
121712e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
121812e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
121912e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
122012e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
122112e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
122212e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bb710000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
122312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
122412e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
122512e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3900000 'C:\WINDOWS\System32\imm32.dll'
122612e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
122712e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
122812e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3610000 'C:\WINDOWS\System32\ADVAPI32.DLL'
122912e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
123012e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll)
123112e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
123212e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f0050000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL [fFlags=0x0]
123312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
123412e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bad00000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
123512e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
123612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
123712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
123812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
123912e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
124012e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f41b0000 'C:\WINDOWS\System32\kernel32.dll'
124112e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
124212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
124312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
124412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
124512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
124612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
124712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
124812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
124912e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
125012e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
125112e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
125212e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll)
125312e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
125412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
125512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
125612e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
125712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
125812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
125912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
126012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
126112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
126212e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
126312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
126412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
126512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
126612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
126712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
126812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
126912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
127012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
127112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
127212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
127312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
127412e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
127512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
127612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
127712e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
127812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
127912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
128012e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
128112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
128212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
128312e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust]
128412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
128512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
128612e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
128712e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
128812e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust]
128912e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9ba5d0000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
129012e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust]
129112e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ba5d0000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
129212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
129312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
129412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
129512e0.12e4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll)
129612e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
129712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
129812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
129912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
130012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
130112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
130212e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
130312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
130412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
130512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
130612e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
130712e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
130812e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9eea30000 LB 0x00095000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
130912e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
131012e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9eea30000 'C:\WINDOWS\system32\uxtheme.dll'
131112e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
131212e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3ae0000 'C:\WINDOWS\system32\user32.dll'
131312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
131412e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
131512e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f1a70000 'C:\WINDOWS\system32\shell32.dll'
131612e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll [lacks WinVerifyTrust]
131712e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
131812e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f17e0000 'C:\WINDOWS\system32\SHCore.dll'
131912e0.12e4: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
132012e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\wintab32.dll'
132112e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
132212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'win32u.dll'.
132312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
132412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
132512e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dwmapi.dll)
132612e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
132712e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9eed10000 LB 0x0002a000 C:\WINDOWS\system32\dwmapi.dll [fFlags=0x0]
132812e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll [lacks WinVerifyTrust]
132912e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
133012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
133112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
133212e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
133312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
133412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
133512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
133612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
133712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
133812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
133912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
134012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
134112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
134212e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
134312e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ed280000 'C:\WINDOWS\system32\winmm.dll'
134412e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
134512e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
134612e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ed280000 'C:\WINDOWS\system32\winmm.dll'
134712e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
134812e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
134912e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f1a70000 'C:\WINDOWS\system32\shell32.dll'
135012e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
135112e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
135212e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9eea30000 'C:\WINDOWS\system32\uxtheme.dll'
135312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
135412e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\gdi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
135512e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f1890000 'C:\WINDOWS\system32\gdi32.dll'
135612e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f34a0000 LB 0x00167000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0]
135712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
135812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'oleaut32.dll'.
135912e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'user32.dll'.
136012e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'.
136112e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'imm32.dll'.
136212e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll)
136312e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll
136412e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
136512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
136612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
136712e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
136812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
136912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
137012e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
137112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
137212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
137312e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
137412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
137512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
137612e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
137712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
137812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
137912e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
138012e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f37e0000 'C:\WINDOWS\System32\rpcrt4.dll'
138112e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9f3930000 LB 0x0009e000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0]
138212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
138312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'.
138412e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll)
138512e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
138612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
138712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'.
138812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'combase.dll'.
138912e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'd3d11.dll'.
139012e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'dcomp.dll'.
139112e0.12e4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\DataExchange.dll)
139212e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
139312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
139412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume3\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
139512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
139612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
139712e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dcomp.dll)
139812e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dcomp.dll
139912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
140012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume3\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
140112e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
140212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'dxgi.dll'.
140312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'win32u.dll'.
140412e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\d3d11.dll)
140512e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\d3d11.dll
140612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
140712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
140812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
140912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
141012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume3\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
141112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll [lacks WinVerifyTrust]
141212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
141312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
141412e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
141512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
141612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
141712e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
141812e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
141912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
142012e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
142112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
142212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
142312e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
142412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
142512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
142612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
142712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
142812e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dxgi.dll)
142912e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dxgi.dll
143012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
143112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
143212e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
143312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
143412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
143512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
143612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
143712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
143812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
143912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
144012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
144112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
144212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
144312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
144412e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
144512e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
144612e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll [lacks WinVerifyTrust]
144712e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll [lacks WinVerifyTrust]
144812e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dcomp.dll [lacks WinVerifyTrust]
144912e0.12e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll [lacks WinVerifyTrust]
145012e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9ef510000 LB 0x000af000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0]
145112e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll [lacks WinVerifyTrust]
145212e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9ed2b0000 LB 0x002e2000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0]
145312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll [lacks WinVerifyTrust]
145412e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9edd60000 LB 0x00142000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0]
145512e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dcomp.dll [lacks WinVerifyTrust]
145612e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9c85c0000 LB 0x0004f000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0]
145712e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll [lacks WinVerifyTrust]
145812e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
145912e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f1890000 'C:\WINDOWS\System32\gdi32.dll'
146012e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c85c0000 'C:\WINDOWS\system32\dataexchange.dll'
146112e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
146212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rmclient.dll'.
146312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
146412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcrypt.dll'.
146512e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'combase.dll'.
146612e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll)
146712e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll
146812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
146912e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
147012e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rmclient.dll)
147112e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rmclient.dll
147212e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9eeb00000 LB 0x00020000 C:\WINDOWS\system32\RMCLIENT.dll [fFlags=0x0]
147312e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rmclient.dll [lacks WinVerifyTrust]
147412e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9eeb20000 LB 0x0017b000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0]
147512e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll [lacks WinVerifyTrust]
147612e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
147712e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
147812e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'devobj.dll'.
147912e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'propsys.dll'.
148012e0.1324: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll)
148112e0.1324: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
148212e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'cfgmgr32.dll'.
148312e0.1324: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll)
148412e0.1324: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll
148512e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
148612e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'oleaut32.dll'.
148712e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
148812e0.1324: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\propsys.dll)
148912e0.1324: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\propsys.dll
149012e0.1324: supR3HardenedDllNotificationCallback: load 00007ff9f03f0000 LB 0x00027000 C:\WINDOWS\SYSTEM32\DEVOBJ.dll [fFlags=0x0]
149112e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll [lacks WinVerifyTrust]
149212e0.1324: supR3HardenedDllNotificationCallback: load 00007ff9ee1d0000 LB 0x001b1000 C:\WINDOWS\SYSTEM32\PROPSYS.dll [fFlags=0x0]
149312e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll [lacks WinVerifyTrust]
149412e0.1324: supR3HardenedDllNotificationCallback: load 00007ff9e9720000 LB 0x0006f000 C:\WINDOWS\SYSTEM32\MMDevAPI.DLL [fFlags=0x0]
149512e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
149612e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
149712e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'.
149812e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'ksuser.dll'.
149912e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'avrt.dll'.
150012e0.1324: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\wdmaud.drv)
150112e0.1324: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
150212e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
150312e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
150412e0.1324: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\avrt.dll)
150512e0.1324: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\avrt.dll
150612e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
150712e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume3\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
150812e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
150912e0.1324: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ksuser.dll)
151012e0.1324: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ksuser.dll
151112e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
151212e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
151312e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
151412e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
151512e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
151612e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
151712e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
151812e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
151912e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
152012e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
152112e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
152212e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
152312e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
152412e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
152512e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
152612e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
152712e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
152812e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
152912e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
153012e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume3\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
153112e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll [lacks WinVerifyTrust]
153212e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
153312e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
153412e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll [lacks WinVerifyTrust]
153512e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
153612e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
153712e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
153812e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
153912e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
154012e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
154112e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
154212e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
154312e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
154412e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
154512e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
154612e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
154712e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
154812e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
154912e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
155012e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
155112e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
155212e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
155312e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
155412e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
155512e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
155612e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rmclient.dll'...
155712e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'rmclient.dll' -> '\Device\HarddiskVolume3\Windows\System32\rmclient.dll' [rcNtRedir=0xc0150008]
155812e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rmclient.dll [lacks WinVerifyTrust]
155912e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
156012e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
156112e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
156212e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
156312e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
156412e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
156512e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
156612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
156712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'coreuicomponents.dll'.
156812e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'coremessaging.dll'.
156912e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll)
157012e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll
157112e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
157212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
157312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #48 'shcore.dll'.
157412e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll)
157512e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll
157612e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
157712e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
157812e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll)
157912e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll
158012e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntmarta.dll)
158112e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntmarta.dll
158212e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'.
158312e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
158412e0.12e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'bcryptprimitives.dll'.
158512e0.12e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinTypes.dll)
158612e0.12e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinTypes.dll
158712e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9ef6a0000 LB 0x00031000 C:\WINDOWS\SYSTEM32\ntmarta.dll [fFlags=0x0]
158812e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntmarta.dll [lacks WinVerifyTrust]
158912e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9edc30000 LB 0x000dd000 C:\WINDOWS\System32\CoreMessaging.dll [fFlags=0x0]
159012e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
159112e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9eb230000 LB 0x00136000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0]
159212e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTypes.dll [lacks WinVerifyTrust]
159312e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9e9a80000 LB 0x002ee000 C:\WINDOWS\System32\CoreUIComponents.dll [fFlags=0x0]
159412e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
159512e0.12e4: supR3HardenedDllNotificationCallback: load 00007ff9d9be0000 LB 0x00098000 C:\WINDOWS\System32\TextInputFramework.dll [fFlags=0x0]
159612e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll [lacks WinVerifyTrust]
159712e0.1324: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
159812e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
159912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
160012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
160112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
160212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
160312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
160412e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
160512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
160612e0.1324: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll [lacks WinVerifyTrust]
160712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
160812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
160912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
161012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
161112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
161212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
161312e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
161412e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
161512e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
161612e0.1324: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll [lacks WinVerifyTrust]
161712e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume3\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
161812e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll [lacks WinVerifyTrust]
161912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
162012e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
162112e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
162212e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
162312e0.1324: supR3HardenedDllNotificationCallback: load 00007ff9ea0c0000 LB 0x00009000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0]
162412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
162512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
162612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
162712e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll [lacks WinVerifyTrust]
162812e0.1324: supR3HardenedDllNotificationCallback: load 00007ff9ea9e0000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0]
162912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
163012e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
163112e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
163212e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll [lacks WinVerifyTrust]
163312e0.1324: supR3HardenedDllNotificationCallback: load 00007ff9b7ff0000 LB 0x00042000 C:\WINDOWS\System32\wdmaud.drv [fFlags=0x0]
163412e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume3\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
163512e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
163612e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
163712e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
163812e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b7ff0000 'C:\WINDOWS\System32\wdmaud.drv'
163912e0.12e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
164012e0.12e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
164112e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\OLEAUT32.DLL (Input=OLEAUT32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
164212e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3c90000 'C:\WINDOWS\System32\OLEAUT32.DLL'
164312e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
164412e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
164512e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b7ff0000 'C:\WINDOWS\System32\wdmaud.drv'
164612e0.12e4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
164712e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
164812e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3ae0000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
164912e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
165012e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
165112e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e9720000 'C:\WINDOWS\System32\MMDEVAPI.DLL'
165212e0.12e4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
165312e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
165412e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3ae0000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
165512e0.12e4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1
165612e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
165712e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f2fa0000 'api-ms-win-core-com-l1-1-0.dll'
165812e0.12e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll [lacks WinVerifyTrust]
165912e0.12e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
166012e0.12e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f34a0000 'C:\WINDOWS\System32\MSCTF.dll'
166112e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
166212e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
166312e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b7ff0000 'C:\WINDOWS\System32\wdmaud.drv'
166412e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
166512e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
166612e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b7ff0000 'C:\WINDOWS\System32\wdmaud.drv'
166712e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
166812e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
166912e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b7ff0000 'C:\WINDOWS\System32\wdmaud.drv'
167012e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
167112e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
167212e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
167312e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #55 'mmdevapi.dll'.
167412e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'avrt.dll'.
167512e0.1324: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\AudioSes.dll)
167612e0.1324: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
167712e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
167812e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
167912e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll [lacks WinVerifyTrust]
168012e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
168112e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
168212e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
168312e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
168412e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
168512e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
168612e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
168712e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
168812e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
168912e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
169012e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
169112e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
169212e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
169312e0.1324: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll [lacks WinVerifyTrust]
169412e0.1324: supR3HardenedDllNotificationCallback: load 00007ff9e23e0000 LB 0x00122000 C:\WINDOWS\System32\AUDIOSES.DLL [fFlags=0x0]
169512e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll [lacks WinVerifyTrust]
169612e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e23e0000 'C:\WINDOWS\System32\AUDIOSES.DLL'
169712e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
169812e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
169912e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b7ff0000 'C:\WINDOWS\System32\wdmaud.drv'
170012e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
170112e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
170212e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b7ff0000 'C:\WINDOWS\System32\wdmaud.drv'
170312e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
170412e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b7ff0000 'C:\WINDOWS\System32\wdmaud.drv'
170512e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
170612e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'mmdevapi.dll'.
170712e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msacm32.dll'.
170812e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmmbase.dll'.
170912e0.1324: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\msacm32.drv)
171012e0.1324: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.drv
171112e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
171212e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
171312e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [lacks WinVerifyTrust]
171412e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
171512e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
171612e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
171712e0.1324: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msacm32.dll)
171812e0.1324: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.dll
171912e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
172012e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
172112e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
172212e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
172312e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
172412e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
172512e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
172612e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
172712e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
172812e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
172912e0.1324: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
173012e0.1324: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll [lacks WinVerifyTrust]
173112e0.1324: supR3HardenedDllNotificationCallback: load 00007ff9c5cb0000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0]
173212e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll [lacks WinVerifyTrust]
173312e0.1324: supR3HardenedDllNotificationCallback: load 00007ff9ca800000 LB 0x0000c000 C:\WINDOWS\System32\msacm32.drv [fFlags=0x0]
173412e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
173512e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca800000 'C:\WINDOWS\System32\msacm32.drv'
173612e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
173712e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
173812e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca800000 'C:\WINDOWS\System32\msacm32.drv'
173912e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
174012e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
174112e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca800000 'C:\WINDOWS\System32\msacm32.drv'
174212e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
174312e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
174412e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca800000 'C:\WINDOWS\System32\msacm32.drv'
174512e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
174612e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
174712e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca800000 'C:\WINDOWS\System32\msacm32.drv'
174812e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
174912e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
175012e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca800000 'C:\WINDOWS\System32\msacm32.drv'
175112e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
175212e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
175312e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca800000 'C:\WINDOWS\System32\msacm32.drv'
175412e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
175512e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca800000 'C:\WINDOWS\System32\msacm32.drv'
175612e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
175712e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca800000 'C:\WINDOWS\System32\msacm32.drv'
175812e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
175912e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca800000 'C:\WINDOWS\System32\msacm32.drv'
176012e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
176112e0.1324: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'winmm.dll'.
176212e0.1324: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\midimap.dll)
176312e0.1324: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\midimap.dll
176412e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
176512e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
176612e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
176712e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
176812e0.1324: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
176912e0.1324: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
177012e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
177112e0.1324: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
177212e0.1324: supR3HardenedDllNotificationCallback: load 00007ff9ca100000 LB 0x0000a000 C:\WINDOWS\System32\midimap.dll [fFlags=0x0]
177312e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
177412e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca100000 'C:\WINDOWS\System32\midimap.dll'
177512e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
177612e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
177712e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca100000 'C:\WINDOWS\System32\midimap.dll'
177812e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
177912e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
178012e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca100000 'C:\WINDOWS\System32\midimap.dll'
178112e0.1324: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
178212e0.1324: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
178312e0.1324: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca100000 'C:\WINDOWS\System32\midimap.dll'
178412e0.1304: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
178512e0.1304: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
178612e0.1304: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e9720000 'C:\WINDOWS\System32\MMDevApi.dll'
17871258.128c: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 3557 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy