f04.b6c: Log file opened: 5.0.20r106931 g_hStartupLog=00000000000000ac g_uNtVerCombined=0xa0280000 f04.b6c: \SystemRoot\System32\ntdll.dll: f04.b6c: CreationTime: 2016-02-10T12:52:21.621234900Z f04.b6c: LastWriteTime: 2016-01-31T06:24:08.504709500Z f04.b6c: ChangeTime: 2016-02-11T16:14:33.084453300Z f04.b6c: FileAttributes: 0x20 f04.b6c: Size: 0x1bd870 f04.b6c: NT Headers: 0xd8 f04.b6c: Timestamp: 0x56ad9704 f04.b6c: Machine: 0x8664 - amd64 f04.b6c: Timestamp: 0x56ad9704 f04.b6c: Image Version: 10.0 f04.b6c: SizeOfImage: 0x1c2000 (1843200) f04.b6c: Resource Dir: 0x15b000 LB 0x65718 f04.b6c: ProductName: Microsoft® Windows® Operating System f04.b6c: ProductVersion: 10.0.10240.16683 f04.b6c: FileVersion: 10.0.10240.16683 (th1.160130-1842) f04.b6c: FileDescription: NT Layer DLL f04.b6c: \SystemRoot\System32\kernel32.dll: f04.b6c: CreationTime: 2015-07-10T10:59:59.699781600Z f04.b6c: LastWriteTime: 2015-07-10T10:59:59.699781600Z f04.b6c: ChangeTime: 2015-12-21T17:25:44.929083900Z f04.b6c: FileAttributes: 0x20 f04.b6c: Size: 0xab830 f04.b6c: NT Headers: 0xf0 f04.b6c: Timestamp: 0x559f38ad f04.b6c: Machine: 0x8664 - amd64 f04.b6c: Timestamp: 0x559f38ad f04.b6c: Image Version: 10.0 f04.b6c: SizeOfImage: 0xad000 (708608) f04.b6c: Resource Dir: 0xab000 LB 0x518 f04.b6c: ProductName: Microsoft® Windows® Operating System f04.b6c: ProductVersion: 10.0.10240.16384 f04.b6c: FileVersion: 10.0.10240.16384 (th1.150709-1700) f04.b6c: FileDescription: Windows NT BASE API Client DLL f04.b6c: \SystemRoot\System32\KernelBase.dll: f04.b6c: CreationTime: 2016-04-13T11:51:55.397563100Z f04.b6c: LastWriteTime: 2016-03-16T04:55:53.161694100Z f04.b6c: ChangeTime: 2016-04-14T18:02:07.876142900Z f04.b6c: FileAttributes: 0x20 f04.b6c: Size: 0x1dc880 f04.b6c: NT Headers: 0xf0 f04.b6c: Timestamp: 0x56e8d499 f04.b6c: Machine: 0x8664 - amd64 f04.b6c: Timestamp: 0x56e8d499 f04.b6c: Image Version: 10.0 f04.b6c: SizeOfImage: 0x1dd000 (1953792) f04.b6c: Resource Dir: 0x1c7000 LB 0x538 f04.b6c: ProductName: Microsoft® Windows® Operating System f04.b6c: ProductVersion: 10.0.10240.16766 f04.b6c: FileVersion: 10.0.10240.16766 (th1_st1.160315-1811) f04.b6c: FileDescription: Windows NT BASE API Client DLL f04.b6c: \SystemRoot\System32\apisetschema.dll: f04.b6c: CreationTime: 2015-07-10T11:00:04.872098600Z f04.b6c: LastWriteTime: 2015-07-10T11:00:04.872098600Z f04.b6c: ChangeTime: 2015-12-18T08:27:14.277572100Z f04.b6c: FileAttributes: 0x20 f04.b6c: Size: 0x16760 f04.b6c: NT Headers: 0xc8 f04.b6c: Timestamp: 0x559f3e3d f04.b6c: Machine: 0x8664 - amd64 f04.b6c: Timestamp: 0x559f3e3d f04.b6c: Image Version: 10.0 f04.b6c: SizeOfImage: 0x17000 (94208) f04.b6c: Resource Dir: 0x16000 LB 0x3f0 f04.b6c: ProductName: Microsoft® Windows® Operating System f04.b6c: ProductVersion: 10.0.10240.16384 f04.b6c: FileVersion: 10.0.10240.16384 (th1.150709-1700) f04.b6c: FileDescription: ApiSet Schema DLL f04.b6c: NtOpenDirectoryObject failed on \Driver: 0xc0000022 f04.b6c: supR3HardenedWinFindAdversaries: 0x0 f04.b6c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\aawinwinxxx\voox' f04.b6c: Calling main() f04.b6c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 f04.b6c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\aawinwinxxx\voox' f04.b6c: SUPR3HardenedMain: Respawn #1 f04.b6c: System32: \Device\HarddiskVolume3\Windows\System32 f04.b6c: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS f04.b6c: KnownDllPath: C:\Windows\system32 f04.b6c: '\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe' has no imports f04.b6c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe) f04.b6c: supR3HardNtEnableThreadCreation: f04.b6c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff851b8be60 pvNtTerminateThread=00007ff851bb3d50 f04.b6c: supR3HardenedWinDoReSpawn(1): New child 984.1104 [kernel32]. f04.b6c: supR3HardNtChildGatherData: PebBaseAddress=00007ff785f73000 cbPeb=0x388 f04.b6c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff851b20000 uNtDllChildAddr=00007ff851b20000 f04.b6c: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff851b8be60 f04.b6c: supR3HardenedWinSetupChildInit: Start child. f04.b6c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. f04.b6c: supR3HardNtChildPurify: Startup delay kludge #1/0: 258 ms, 29 sleeps f04.b6c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION f04.b6c: *0000000000000000-ffffffffff08ffff 0x0001/0x0000 0x0000000 f04.b6c: *0000000000f70000-0000000000f4ffff 0x0004/0x0004 0x0020000 f04.b6c: *0000000000f90000-0000000000f7bfff 0x0002/0x0002 0x0040000 f04.b6c: 0000000000fa4000-0000000000f97fff 0x0001/0x0000 0x0000000 f04.b6c: *0000000000fb0000-0000000000eb4fff 0x0000/0x0004 0x0020000 f04.b6c: 00000000010ab000-00000000010a7fff 0x0104/0x0004 0x0020000 f04.b6c: 00000000010ae000-00000000010abfff 0x0004/0x0004 0x0020000 f04.b6c: *00000000010b0000-00000000010abfff 0x0002/0x0002 0x0040000 f04.b6c: 00000000010b4000-00000000010a7fff 0x0001/0x0000 0x0000000 f04.b6c: *00000000010c0000-00000000010bdfff 0x0004/0x0004 0x0020000 f04.b6c: 00000000010c2000-ffffffff821a3fff 0x0001/0x0000 0x0000000 f04.b6c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000 f04.b6c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000 f04.b6c: 000000007fff0000-ffff80097a09ffff 0x0001/0x0000 0x0000000 f04.b6c: *00007ff785f40000-00007ff785f0cfff 0x0002/0x0002 0x0040000 f04.b6c: *00007ff785f73000-00007ff785f71fff 0x0004/0x0004 0x0020000 f04.b6c: 00007ff785f74000-00007ff785f69fff 0x0001/0x0000 0x0000000 f04.b6c: *00007ff785f7e000-00007ff785f7bfff 0x0004/0x0004 0x0020000 f04.b6c: 00007ff785f80000-00007ff78520ffff 0x0001/0x0000 0x0000000 f04.b6c: *00007ff786cf0000-00007ff786cf0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786cf1000-00007ff786d60fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786d61000-00007ff786d61fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786d62000-00007ff786da6fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786da7000-00007ff786da7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786da8000-00007ff786da8fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786da9000-00007ff786dadfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786dae000-00007ff786daefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786daf000-00007ff786daffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786db0000-00007ff786db3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786db4000-00007ff786dfbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786dfc000-00007ff6bc0e7fff 0x0001/0x0000 0x0000000 f04.b6c: *00007ff851b10000-00007ff851b0efff 0x0040/0x0040 0x0020000 !! f04.b6c: supHardNtVpFreeOrReplacePrivateExecMemory: Freeing exec mem at 00007ff851b10000 (LB 0x1000, 00007ff851b10000 LB 0x1000) f04.b6c: supHardNtVpFreeOrReplacePrivateExecMemory: Free attempt #1 succeeded: 0x0 [00007ff851b10000/00007ff851b10000 LB 0/0x1000] f04.b6c: supHardNtVpFreeOrReplacePrivateExecMemory: QVM after free 0: [0000000000000000]/00007ff851b10000 LB 0x10000 s=0x10000 ap=0x0 rp=0x00000000000001 f04.b6c: 00007ff851b11000-00007ff851b01fff 0x0001/0x0000 0x0000000 f04.b6c: *00007ff851b20000-00007ff851b20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851b21000-00007ff851c1dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851c1e000-00007ff851c5ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851c60000-00007ff851c68fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851c69000-00007ff851c76fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851c77000-00007ff851c77fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851c78000-00007ff851c7afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851c7b000-00007ff851ce1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851ce2000-00007ff0a39e3fff 0x0001/0x0000 0x0000000 f04.b6c: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000 f04.b6c: VirtualBox.exe: timestamp 0x57220aaf (rc=VINF_SUCCESS) f04.b6c: '\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe' has no imports f04.b6c: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports f04.b6c: ntdll.dll: Differences in section #1 (.text) between file and memory: f04.b6c: 00007ff851b36020 / 0x0016020: 40 != e9 f04.b6c: 00007ff851b36021 / 0x0016021: 55 != 67 f04.b6c: 00007ff851b36022 / 0x0016022: 57 != a0 f04.b6c: 00007ff851b36023 / 0x0016023: 41 != fd f04.b6c: 00007ff851b36024 / 0x0016024: 56 != ff f04.b6c: Restored 0x2000 bytes of original file content at 00007ff851b35000 f04.b6c: supR3HardNtChildPurify: cFixes=2 g_fSupAdversaries=0x80000000 f04.b6c: supR3HardNtChildPurify: Startup delay kludge #1/1: 513 ms, 57 sleeps f04.b6c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION f04.b6c: *0000000000000000-ffffffffff08ffff 0x0001/0x0000 0x0000000 f04.b6c: *0000000000f70000-0000000000f4ffff 0x0004/0x0004 0x0020000 f04.b6c: *0000000000f90000-0000000000f7bfff 0x0002/0x0002 0x0040000 f04.b6c: 0000000000fa4000-0000000000f97fff 0x0001/0x0000 0x0000000 f04.b6c: *0000000000fb0000-0000000000eb4fff 0x0000/0x0004 0x0020000 f04.b6c: 00000000010ab000-00000000010a7fff 0x0104/0x0004 0x0020000 f04.b6c: 00000000010ae000-00000000010abfff 0x0004/0x0004 0x0020000 f04.b6c: *00000000010b0000-00000000010abfff 0x0002/0x0002 0x0040000 f04.b6c: 00000000010b4000-00000000010a7fff 0x0001/0x0000 0x0000000 f04.b6c: *00000000010c0000-00000000010bdfff 0x0004/0x0004 0x0020000 f04.b6c: 00000000010c2000-ffffffff821a3fff 0x0001/0x0000 0x0000000 f04.b6c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000 f04.b6c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000 f04.b6c: 000000007fff0000-ffff80097a09ffff 0x0001/0x0000 0x0000000 f04.b6c: *00007ff785f40000-00007ff785f0cfff 0x0002/0x0002 0x0040000 f04.b6c: *00007ff785f73000-00007ff785f71fff 0x0004/0x0004 0x0020000 f04.b6c: 00007ff785f74000-00007ff785f69fff 0x0001/0x0000 0x0000000 f04.b6c: *00007ff785f7e000-00007ff785f7bfff 0x0004/0x0004 0x0020000 f04.b6c: 00007ff785f80000-00007ff78520ffff 0x0001/0x0000 0x0000000 f04.b6c: *00007ff786cf0000-00007ff786cf0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786cf1000-00007ff786d60fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786d61000-00007ff786d61fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786d62000-00007ff786da6fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786da7000-00007ff786db3fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786db4000-00007ff786dfbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe f04.b6c: 00007ff786dfc000-00007ff6bc0d7fff 0x0001/0x0000 0x0000000 f04.b6c: *00007ff851b20000-00007ff851b20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851b21000-00007ff851c1dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851c1e000-00007ff851c5ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851c60000-00007ff851c63fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851c64000-00007ff851c68fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851c69000-00007ff851c76fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851c77000-00007ff851c77fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851c78000-00007ff851c7afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851c7b000-00007ff851ce1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f04.b6c: 00007ff851ce2000-00007ff0a39e3fff 0x0001/0x0000 0x0000000 f04.b6c: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000 f04.b6c: supR3HardNtChildPurify: Done after 821 ms and 2 fixes (loop #1). f04.b6c: supR3HardNtEnableThreadCreation: 984.1104: Log file opened: 5.0.20r106931 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa0280000 984.1104: supR3HardenedVmProcessInit: uNtDllAddr=00007ff851b20000 g_uNtVerCombined=0xa0280000 984.1104: ntdll.dll: timestamp 0x56ad9704 (rc=VINF_SUCCESS) 984.1104: New simple heap: #1 00000000011d0000 LB 0x400000 (for 1843200 allocation) 984.1104: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\aawinwinxxx\voox' 984.1104: System32: \Device\HarddiskVolume3\Windows\System32 984.1104: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS 984.1104: KnownDllPath: C:\Windows\system32 984.1104: supR3HardenedVmProcessInit: Opening vboxdrv stub... 984.1104: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk... 984.1104: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk... 984.1104: Registered Dll notification callback with NTDLL. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801: [calling] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e940000 LB 0x001dd000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0] 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f230000 LB 0x000ad000 C:\Windows\system32\KERNEL32.DLL [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84f230000 'C:\Windows\system32\KERNEL32.DLL' 984.1104: supR3HardenedDllNotificationCallback: load 00007ff786cf0000 LB 0x0010c000 D:\aawinwinxxx\voox\VirtualBox.exe [fFlags=0x0] 984.1104: '\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe' has no imports 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe 984.1104: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff851b8be60 pvNtTerminateThread=00007ff851bb3d50 f04.b6c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 154 ms. 984.1104: \SystemRoot\System32\ntdll.dll: 984.1104: CreationTime: 2016-02-10T12:52:21.621234900Z 984.1104: LastWriteTime: 2016-01-31T06:24:08.504709500Z 984.1104: ChangeTime: 2016-02-11T16:14:33.084453300Z 984.1104: FileAttributes: 0x20 984.1104: Size: 0x1bd870 984.1104: NT Headers: 0xd8 984.1104: Timestamp: 0x56ad9704 984.1104: Machine: 0x8664 - amd64 984.1104: Timestamp: 0x56ad9704 984.1104: Image Version: 10.0 984.1104: SizeOfImage: 0x1c2000 (1843200) 984.1104: Resource Dir: 0x15b000 LB 0x65718 984.1104: ProductName: Microsoft® Windows® Operating System 984.1104: ProductVersion: 10.0.10240.16683 984.1104: FileVersion: 10.0.10240.16683 (th1.160130-1842) 984.1104: FileDescription: NT Layer DLL 984.1104: \SystemRoot\System32\kernel32.dll: 984.1104: CreationTime: 2015-07-10T10:59:59.699781600Z 984.1104: LastWriteTime: 2015-07-10T10:59:59.699781600Z 984.1104: ChangeTime: 2015-12-21T17:25:44.929083900Z 984.1104: FileAttributes: 0x20 984.1104: Size: 0xab830 984.1104: NT Headers: 0xf0 984.1104: Timestamp: 0x559f38ad 984.1104: Machine: 0x8664 - amd64 984.1104: Timestamp: 0x559f38ad 984.1104: Image Version: 10.0 984.1104: SizeOfImage: 0xad000 (708608) 984.1104: Resource Dir: 0xab000 LB 0x518 984.1104: ProductName: Microsoft® Windows® Operating System 984.1104: ProductVersion: 10.0.10240.16384 984.1104: FileVersion: 10.0.10240.16384 (th1.150709-1700) 984.1104: FileDescription: Windows NT BASE API Client DLL 984.1104: \SystemRoot\System32\KernelBase.dll: 984.1104: CreationTime: 2016-04-13T11:51:55.397563100Z 984.1104: LastWriteTime: 2016-03-16T04:55:53.161694100Z 984.1104: ChangeTime: 2016-04-14T18:02:07.876142900Z 984.1104: FileAttributes: 0x20 984.1104: Size: 0x1dc880 984.1104: NT Headers: 0xf0 984.1104: Timestamp: 0x56e8d499 984.1104: Machine: 0x8664 - amd64 984.1104: Timestamp: 0x56e8d499 984.1104: Image Version: 10.0 984.1104: SizeOfImage: 0x1dd000 (1953792) 984.1104: Resource Dir: 0x1c7000 LB 0x538 984.1104: ProductName: Microsoft® Windows® Operating System 984.1104: ProductVersion: 10.0.10240.16766 984.1104: FileVersion: 10.0.10240.16766 (th1_st1.160315-1811) 984.1104: FileDescription: Windows NT BASE API Client DLL 984.1104: \SystemRoot\System32\apisetschema.dll: 984.1104: CreationTime: 2015-07-10T11:00:04.872098600Z 984.1104: LastWriteTime: 2015-07-10T11:00:04.872098600Z 984.1104: ChangeTime: 2015-12-18T08:27:14.277572100Z 984.1104: FileAttributes: 0x20 984.1104: Size: 0x16760 984.1104: NT Headers: 0xc8 984.1104: Timestamp: 0x559f3e3d 984.1104: Machine: 0x8664 - amd64 984.1104: Timestamp: 0x559f3e3d 984.1104: Image Version: 10.0 984.1104: SizeOfImage: 0x17000 (94208) 984.1104: Resource Dir: 0x16000 LB 0x3f0 984.1104: ProductName: Microsoft® Windows® Operating System 984.1104: ProductVersion: 10.0.10240.16384 984.1104: FileVersion: 10.0.10240.16384 (th1.150709-1700) 984.1104: FileDescription: ApiSet Schema DLL 984.1104: NtOpenDirectoryObject failed on \Driver: 0xc0000022 984.1104: supR3HardenedWinFindAdversaries: 0x0 984.1104: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\aawinwinxxx\voox' 984.1104: Calling main() 984.1104: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 984.1104: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\aawinwinxxx\voox' 984.1104: '\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe' has no imports 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.exe) 984.1104: SUPR3HardenedMain: Respawn #2 984.1104: supR3HardNtEnableThreadCreation: 984.1104: Error -104 in supR3HardenedWinReSpawn! (enmWhat=5) 984.1104: Error relaunching VirtualBox VM process: 5 Command line: '60eaff78-4bdd-042d-2e72-669728efd737-suplib-3rdchild --comment 7 --startvm 31138404-1ce1-4ed3-97ad-20a90bc86efb --no-startvm-errormsgbox --sup-hardening-log=D:\aawinwinxxx\vboxxt\7\Logs\VBoxHardening.log' 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtopenglvbox4.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'advapi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'shell32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ole32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'oleaut32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmm.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'user32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'gdi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'user32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'combase.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #64 'user32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #66 'gdi32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\QtOpenGLVBox4.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\QtOpenGLVBox4.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\qtguivbox4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\QtGuiVBox4.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\QtGuiVBox4.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\qtcorevbox4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\QtCoreVBox4.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\QtCoreVBox4.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll' [rcNtRedir=0xc0150008] 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\vboxrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\opengl32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\opengl32.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume3\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'user32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'gdi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'dciman32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\ddraw.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ddraw.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\glu32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\glu32.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'nsi.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\qtcorevbox4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtCoreVBox4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume3\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'bcrypt.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\winspool.drv) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winspool.drv 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'msctf.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'user32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'shlwapi.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'gdi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'comctl32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'shell32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\comdlg32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comdlg32.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\qtcorevbox4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtCoreVBox4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume4\aawinwinxxx\voox\qtguivbox4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtGuiVBox4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'devobj.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmmbase.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmmbase.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'cfgmgr32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comctl32.dll' [rcNtRedir=0x0] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\comctl32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comctl32.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'gdi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'user32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume3\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'imm32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008] 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008] 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nsi.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume3\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dciman32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dciman32.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008] 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01: [calling] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtCoreVBox4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtGuiVBox4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtOpenGLVBox4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ddraw.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\winspool.drv [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dciman32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff8515f0000 LB 0x0009d000 C:\Windows\system32\msvcrt.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff851690000 LB 0x00126000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f9c0000 LB 0x0005b000 C:\Windows\system32\sechost.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff8518a0000 LB 0x000a6000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f340000 LB 0x0014e000 C:\Windows\system32\USER32.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff851460000 LB 0x00186000 C:\Windows\system32\GDI32.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff846000000 LB 0x00008000 C:\Windows\SYSTEM32\DCIMAN32.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dciman32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff8310f0000 LB 0x000f6000 C:\Windows\SYSTEM32\DDRAW.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ddraw.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff833770000 LB 0x0002e000 C:\Windows\SYSTEM32\GLU32.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff8311f0000 LB 0x00128000 C:\Windows\SYSTEM32\OPENGL32.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 000000006ed60000 LB 0x000d2000 D:\aawinwinxxx\voox\MSVCR100.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcr100.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 000000006ecc0000 LB 0x00098000 D:\aawinwinxxx\voox\MSVCP100.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\msvcp100.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f1b0000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f4a0000 LB 0x00069000 C:\Windows\system32\WS2_32.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff831be0000 LB 0x0050f000 D:\aawinwinxxx\voox\VBoxRT.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84fa20000 LB 0x0027c000 C:\Windows\system32\combase.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84fda0000 LB 0x00141000 C:\Windows\system32\ole32.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 000000006e9e0000 LB 0x002de000 D:\aawinwinxxx\voox\QtCoreVBox4.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtCoreVBox4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e660000 LB 0x000b3000 C:\Windows\system32\shcore.dll [fFlags=0x0] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'combase.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f740000 LB 0x00051000 C:\Windows\system32\shlwapi.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff847120000 LB 0x000aa000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\COMCTL32.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e510000 LB 0x0000f000 C:\Windows\system32\kernel.appcore.dll [fFlags=0x0] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e560000 LB 0x0004a000 C:\Windows\system32\powrprof.dll [fFlags=0x0] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\powrprof.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\powrprof.dll 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e520000 LB 0x00013000 C:\Windows\system32\profapi.dll [fFlags=0x0] 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84eb20000 LB 0x00628000 C:\Windows\system32\windows.storage.dll [fFlags=0x0] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #64 'profapi.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\windows.storage.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\windows.storage.dll 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84fef0000 LB 0x01568000 C:\Windows\system32\SHELL32.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff8517c0000 LB 0x000d7000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\comdlg32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84fce0000 LB 0x000be000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f5e0000 LB 0x0015c000 C:\Windows\system32\MSCTF.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84fca0000 LB 0x00036000 C:\Windows\system32\IMM32.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e8f0000 LB 0x00044000 C:\Windows\system32\cfgmgr32.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84ce20000 LB 0x00027000 C:\Windows\SYSTEM32\DEVOBJ.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84c700000 LB 0x0002c000 C:\Windows\SYSTEM32\WINMMBASE.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84c840000 LB 0x00023000 C:\Windows\SYSTEM32\WINMM.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e3a0000 LB 0x00028000 C:\Windows\SYSTEM32\bcrypt.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff847090000 LB 0x00084000 C:\Windows\SYSTEM32\WINSPOOL.DRV [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\winspool.drv [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 000000006e070000 LB 0x0096c000 D:\aawinwinxxx\voox\QtGuiVBox4.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtGuiVBox4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 000000006df90000 LB 0x000dc000 D:\aawinwinxxx\voox\QtOpenGLVBox4.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\QtOpenGLVBox4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff831320000 LB 0x008c0000 D:\aawinwinxxx\voox\VirtualBox.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VirtualBox.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84f230000 'C:\Windows\system32\kernel32.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=D:\aawinwinxxx\voox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\aawinwinxxx\voox\VBoxRT.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831be0000 'D:\aawinwinxxx\voox\VBoxRT.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84fca0000 'C:\Windows\system32\imm32.dll' 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831320000 'D:\aawinwinxxx\voox\VirtualBox.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84c840000 'C:\Windows\system32\winmm.dll' 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'user32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 984.1104: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84cd80000 LB 0x00096000 C:\Windows\system32\uxtheme.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84cd80000 'C:\Windows\system32\uxtheme.dll' 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'user32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'gdi32.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dwmapi.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dwmapi.dll 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84c480000 LB 0x00022000 C:\Windows\system32\dwmapi.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll [lacks WinVerifyTrust] 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84e330000 LB 0x0006b000 C:\Windows\SYSTEM32\bcryptPrimitives.dll [fFlags=0x0] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84fef0000 'C:\Windows\system32\shell32.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84f230000 'C:\Windows\system32\kernel32.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84cd80000 'C:\Windows\system32\uxtheme.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84cd80000 'C:\Windows\system32\uxtheme.dll' 984.1104: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84f340000 'C:\Windows\system32\user32.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84cd80000 'C:\Windows\system32\uxtheme.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84f340000 'C:\Windows\system32\user32.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff851460000 'C:\Windows\system32\gdi32.dll' 984.1104: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84f340000 'C:\Windows\system32\user32.dll' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\SYSTEM32\WINMM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84c840000 'C:\Windows\SYSTEM32\WINMM.dll' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff851690000 'C:\Windows\system32\rpcrt4.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84f5e0000 'C:\Windows\system32\MSCTF.dll' 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'devobj.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'propsys.dll'. 984.1fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll) 984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll 984.1104: supR3HardenedMonitor_LdrLoadDll: 'C:\Windows\system32\comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll' [redir] 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume3\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'. 984.1fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\propsys.dll) 984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\propsys.dll 984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff84c2d0000 LB 0x00183000 C:\Windows\SYSTEM32\PROPSYS.dll [fFlags=0x0] 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff847760000 LB 0x00072000 C:\Windows\SYSTEM32\MMDevAPI.DLL [fFlags=0x0] 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'ksuser.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'winmm.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'avrt.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'mmdevapi.dll'. 984.1fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\wdmaud.drv) 984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wdmaud.drv 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008] 984.1fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\avrt.dll) 984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\avrt.dll 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume3\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ksuser.dll) 984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ksuser.dll 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff846e30000 LB 0x00008000 C:\Windows\SYSTEM32\ksuser.dll [fFlags=0x0] 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff846e20000 LB 0x0000b000 C:\Windows\SYSTEM32\AVRT.dll [fFlags=0x0] 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff848510000 LB 0x00041000 C:\Windows\system32\wdmaud.drv [fFlags=0x0] 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff847760000 'C:\Windows\system32\MMDEVAPI.DLL' 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\propsys.dll) 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 984.1104: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv' 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll (Input=C:\Windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff847120000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10240.16384_none_0212ec7eba871e86\comctl32.dll' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv' 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'mmdevapi.dll'. 984.1fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\AudioSes.dll) 984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\AudioSes.dll 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'combase.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'. 984.1fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinTypes.dll) 984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinTypes.dll 984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff84b810000 LB 0x00131000 C:\Windows\SYSTEM32\wintypes.dll [fFlags=0x0] 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTypes.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff841a50000 LB 0x00085000 C:\Windows\system32\AUDIOSES.DLL [fFlags=0x0] 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff841a50000 'C:\Windows\system32\AUDIOSES.DLL' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff848510000 'C:\Windows\system32\wdmaud.drv' 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msacm32.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'user32.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmm.dll'. 984.1fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\msacm32.drv) 984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.drv 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msacm32.dll) 984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.dll 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff848620000 LB 0x0001c000 C:\Windows\SYSTEM32\MSACM32.dll [fFlags=0x0] 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff84be60000 LB 0x0000c000 C:\Windows\system32\msacm32.drv [fFlags=0x0] 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84be60000 'C:\Windows\system32\msacm32.drv' 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'winmm.dll'. 984.1fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\midimap.dll) 984.1fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\midimap.dll 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 984.1fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 984.1fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedDllNotificationCallback: load 00007ff84af80000 LB 0x0000a000 C:\Windows\system32\midimap.dll [fFlags=0x0] 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84af80000 'C:\Windows\system32\midimap.dll' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84af80000 'C:\Windows\system32\midimap.dll' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84af80000 'C:\Windows\system32\midimap.dll' 984.1fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 984.1fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84af80000 'C:\Windows\system32\midimap.dll' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust] 984.1104: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84fda0000 'C:\Windows\system32\ole32.dll' 984.1104: supR3HardenedDllNotificationCallback: load 00007ff84f530000 LB 0x000a5000 C:\Windows\system32\clbcatq.dll [fFlags=0x0] 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 984.1104: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'. 984.1104: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll) 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll 984.1104: \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime: Owner is administrators group. 984.1104: supHardenedWinVerifyImageByHandle: -> -23021 (\Device\HarddiskVolume3\Windows\System32\SogouTSF.ime) 984.1104: Error (rc=0): 984.1104: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime: None of the 1 path(s) have a trust anchor.: \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime 984.1104: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime 984.1104: Error (rc=0): 984.1104: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\sogoutsf.ime' (C:\Windows\system32\sogoutsf.ime): rcNt=0xc0000190 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\sogoutsf.ime' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -23021 (0xffffa613)) on \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime [lacks WinVerifyTrust] 984.1104: Error (rc=0): 984.1104: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 cHits=1 \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime 984.1104: Error (rc=0): 984.1104: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\sogoutsf.ime' (C:\Windows\system32\sogoutsf.ime): rcNt=0xc0000190 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\sogoutsf.ime' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -23021 (0xffffa613)) on \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime [lacks WinVerifyTrust] 984.1104: Error (rc=0): 984.1104: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 cHits=2 \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime 984.1104: Error (rc=0): 984.1104: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\sogoutsf.ime' (C:\Windows\system32\sogoutsf.ime): rcNt=0xc0000190 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\sogoutsf.ime' 984.1104: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -23021 (0xffffa613)) on \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime [lacks WinVerifyTrust] 984.1104: Error (rc=0): 984.1104: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 cHits=3 \Device\HarddiskVolume3\Windows\System32\SogouTSF.ime 984.1104: Error (rc=0): 984.1104: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\sogoutsf.ime' (C:\Windows\system32\sogoutsf.ime): rcNt=0xc0000190 984.1104: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\sogoutsf.ime' f04.b6c: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 37490 ms, the end);