2ae8.132c: Log file opened: 5.1.22r115126 g_hStartupLog=0000000000000160 g_uNtVerCombined=0xa0383900 2ae8.132c: \SystemRoot\System32\ntdll.dll: 2ae8.132c: CreationTime: 2017-02-27T18:09:52.137253500Z 2ae8.132c: LastWriteTime: 2017-02-27T18:09:52.165262000Z 2ae8.132c: ChangeTime: 2017-07-14T16:19:12.473450900Z 2ae8.132c: FileAttributes: 0x20 2ae8.132c: Size: 0x1cc888 2ae8.132c: NT Headers: 0xd8 2ae8.132c: Timestamp: 0x5825887f 2ae8.132c: Machine: 0x8664 - amd64 2ae8.132c: Timestamp: 0x5825887f 2ae8.132c: Image Version: 10.0 2ae8.132c: SizeOfImage: 0x1d1000 (1904640) 2ae8.132c: Resource Dir: 0x168000 LB 0x67988 2ae8.132c: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 2ae8.132c: [Raw version resource data: 0x1680f0 LB 0x388, codepage 0x0 (reserved 0x0)] 2ae8.132c: ProductName: Microsoft® Windows® Operating System 2ae8.132c: ProductVersion: 10.0.14393.479 2ae8.132c: FileVersion: 10.0.14393.479 (rs1_release.161110-2025) 2ae8.132c: FileDescription: NT Layer DLL 2ae8.132c: \SystemRoot\System32\kernel32.dll: 2ae8.132c: CreationTime: 2017-05-31T17:24:39.430163700Z 2ae8.132c: LastWriteTime: 2017-04-28T00:49:43.332433600Z 2ae8.132c: ChangeTime: 2017-07-14T16:19:11.865293800Z 2ae8.132c: FileAttributes: 0x20 2ae8.132c: Size: 0xab208 2ae8.132c: NT Headers: 0xf0 2ae8.132c: Timestamp: 0x59028368 2ae8.132c: Machine: 0x8664 - amd64 2ae8.132c: Timestamp: 0x59028368 2ae8.132c: Image Version: 10.0 2ae8.132c: SizeOfImage: 0xac000 (704512) 2ae8.132c: Resource Dir: 0xaa000 LB 0x530 2ae8.132c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 2ae8.132c: [Raw version resource data: 0xaa0b0 LB 0x3b4, codepage 0x0 (reserved 0x0)] 2ae8.132c: ProductName: Microsoft® Windows® Operating System 2ae8.132c: ProductVersion: 10.0.14393.1198 2ae8.132c: FileVersion: 10.0.14393.1198 (rs1_release_sec.170427-1353) 2ae8.132c: FileDescription: Windows NT BASE API Client DLL 2ae8.132c: \SystemRoot\System32\KernelBase.dll: 2ae8.132c: CreationTime: 2017-07-14T16:11:04.020934100Z 2ae8.132c: LastWriteTime: 2017-06-03T10:09:08.071687200Z 2ae8.132c: ChangeTime: 2017-07-15T16:28:38.492525100Z 2ae8.132c: FileAttributes: 0x20 2ae8.132c: Size: 0x21c780 2ae8.132c: NT Headers: 0xf8 2ae8.132c: Timestamp: 0x59327897 2ae8.132c: Machine: 0x8664 - amd64 2ae8.132c: Timestamp: 0x59327897 2ae8.132c: Image Version: 10.0 2ae8.132c: SizeOfImage: 0x21d000 (2215936) 2ae8.132c: Resource Dir: 0x201000 LB 0x550 2ae8.132c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 2ae8.132c: [Raw version resource data: 0x2010b0 LB 0x3c4, codepage 0x0 (reserved 0x0)] 2ae8.132c: ProductName: Microsoft® Windows® Operating System 2ae8.132c: ProductVersion: 10.0.14393.1358 2ae8.132c: FileVersion: 10.0.14393.1358 (rs1_release.170602-2252) 2ae8.132c: FileDescription: Windows NT BASE API Client DLL 2ae8.132c: \SystemRoot\System32\apisetschema.dll: 2ae8.132c: CreationTime: 2016-07-16T11:42:21.577586000Z 2ae8.132c: LastWriteTime: 2016-07-16T11:42:21.577586000Z 2ae8.132c: ChangeTime: 2017-05-25T16:04:28.657703100Z 2ae8.132c: FileAttributes: 0x20 2ae8.132c: Size: 0x18960 2ae8.132c: NT Headers: 0xc8 2ae8.132c: Timestamp: 0x57899bd2 2ae8.132c: Machine: 0x8664 - amd64 2ae8.132c: Timestamp: 0x57899bd2 2ae8.132c: Image Version: 10.0 2ae8.132c: SizeOfImage: 0x19000 (102400) 2ae8.132c: Resource Dir: 0x18000 LB 0x400 2ae8.132c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 2ae8.132c: [Raw version resource data: 0x18060 LB 0x3a0, codepage 0x0 (reserved 0x0)] 2ae8.132c: ProductName: Microsoft® Windows® Operating System 2ae8.132c: ProductVersion: 10.0.14393.0 2ae8.132c: FileVersion: 10.0.14393.0 (rs1_release.160715-1616) 2ae8.132c: FileDescription: ApiSet Schema DLL 2ae8.132c: NtOpenDirectoryObject failed on \Driver: 0xc0000022 2ae8.132c: supR3HardenedWinFindAdversaries: 0x10000 2ae8.132c: \SystemRoot\System32\drivers\privman.sys: 2ae8.132c: CreationTime: 2017-07-28T14:37:28.355320000Z 2ae8.132c: LastWriteTime: 2017-06-22T19:55:22.000000000Z 2ae8.132c: ChangeTime: 2017-07-31T14:22:56.861880500Z 2ae8.132c: FileAttributes: 0x20 2ae8.132c: Size: 0x10630 2ae8.132c: NT Headers: 0x100 2ae8.132c: Timestamp: 0x594be0d5 2ae8.132c: Machine: 0x8664 - amd64 2ae8.132c: Timestamp: 0x594be0d5 2ae8.132c: Image Version: 6.1 2ae8.132c: SizeOfImage: 0xf000 (61440) 2ae8.132c: Resource Dir: 0xb000 LB 0x2fa8 2ae8.132c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x0)] 2ae8.132c: [Raw version resource data: 0xb0a0 LB 0x33c, codepage 0x0 (reserved 0x0)] 2ae8.132c: ProductName: PowerBroker for Windows 2ae8.132c: ProductVersion: 7.3.0.0 2ae8.132c: FileVersion: 7.3.0.0 2ae8.132c: FileDescription: PowerBroker for Windows 2ae8.132c: \SystemRoot\System32\privman64.dll: 2ae8.132c: CreationTime: 2017-06-22T17:52:44.000000000Z 2ae8.132c: LastWriteTime: 2017-06-22T17:52:44.000000000Z 2ae8.132c: ChangeTime: 2017-07-31T14:22:56.868895000Z 2ae8.132c: FileAttributes: 0x20 2ae8.132c: Size: 0x39100 2ae8.132c: NT Headers: 0xf8 2ae8.132c: Timestamp: 0x594be02a 2ae8.132c: Machine: 0x8664 - amd64 2ae8.132c: Timestamp: 0x594be02a 2ae8.132c: Image Version: 0.0 2ae8.132c: SizeOfImage: 0x3a000 (237568) 2ae8.132c: Resource Dir: 0x38000 LB 0x578 2ae8.132c: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x0)] 2ae8.132c: [Raw version resource data: 0x380a0 LB 0x37c, codepage 0x4e4 (reserved 0x0)] 2ae8.132c: ProductName: PowerBroker for Windows 2ae8.132c: ProductVersion: 7.3.0.0 2ae8.132c: FileVersion: 7.3.0.0 2ae8.132c: FileDescription: BeyondTrust PowerBroker for Windows DLL 2ae8.132c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 2ae8.132c: Calling main() 2ae8.132c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 2ae8.132c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 2ae8.132c: SUPR3HardenedMain: Respawn #1 2ae8.132c: System32: \Device\HarddiskVolume4\Windows\System32 2ae8.132c: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS 2ae8.132c: KnownDllPath: C:\WINDOWS\System32 2ae8.132c: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 2ae8.132c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe) 2ae8.132c: supR3HardNtEnableThreadCreation: 2ae8.132c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffb65e69fa0 pvNtTerminateThread=00007ffb65e96b20 2ae8.132c: supR3HardenedWinDoReSpawn(1): New child 20e8.2fb4 [kernel32]. 2ae8.132c: supR3HardNtChildGatherData: PebBaseAddress=0000000000d64000 cbPeb=0x388 2ae8.132c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffb65df0000 uNtDllChildAddr=00007ffb65df0000 2ae8.132c: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffb65e69fa0 2ae8.132c: supR3HardenedWinSetupChildInit: Start child. 2ae8.132c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms. 2ae8.132c: supR3HardNtChildPurify: Startup delay kludge #1/0: 513 ms, 61 sleeps 2ae8.132c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 2ae8.132c: *0000000000000000-0000000000adffff 0x0001/0x0000 0x0000000 2ae8.132c: *0000000000ae0000-0000000000afffff 0x0004/0x0004 0x0020000 2ae8.132c: *0000000000b00000-0000000000b15fff 0x0002/0x0002 0x0040000 2ae8.132c: 0000000000b16000-0000000000b1ffff 0x0001/0x0000 0x0000000 2ae8.132c: *0000000000b20000-0000000000b23fff 0x0002/0x0002 0x0040000 2ae8.132c: 0000000000b24000-0000000000b2ffff 0x0001/0x0000 0x0000000 2ae8.132c: *0000000000b30000-0000000000b31fff 0x0004/0x0004 0x0020000 2ae8.132c: 0000000000b32000-0000000000bfffff 0x0001/0x0000 0x0000000 2ae8.132c: *0000000000c00000-0000000000d63fff 0x0000/0x0004 0x0020000 2ae8.132c: 0000000000d64000-0000000000d66fff 0x0004/0x0004 0x0020000 2ae8.132c: 0000000000d67000-0000000000dfffff 0x0000/0x0004 0x0020000 2ae8.132c: *0000000000e00000-0000000000efafff 0x0000/0x0004 0x0020000 2ae8.132c: 0000000000efb000-0000000000efdfff 0x0104/0x0004 0x0020000 2ae8.132c: 0000000000efe000-0000000000efffff 0x0004/0x0004 0x0020000 2ae8.132c: 0000000000f00000-000000007ffdffff 0x0001/0x0000 0x0000000 2ae8.132c: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 2ae8.132c: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000 2ae8.132c: 000000007fff0000-00007ff7218fffff 0x0001/0x0000 0x0000000 2ae8.132c: *00007ff721900000-00007ff721922fff 0x0002/0x0002 0x0040000 2ae8.132c: 00007ff721923000-00007ff721f8ffff 0x0001/0x0000 0x0000000 2ae8.132c: *00007ff721f90000-00007ff721f90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 2ae8.132c: 00007ff721f91000-00007ff722000fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 2ae8.132c: 00007ff722001000-00007ff722001fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 2ae8.132c: 00007ff722002000-00007ff722046fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 2ae8.132c: 00007ff722047000-00007ff722047fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 2ae8.132c: 00007ff722048000-00007ff722048fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 2ae8.132c: 00007ff722049000-00007ff72204dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 2ae8.132c: 00007ff72204e000-00007ff72204efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 2ae8.132c: 00007ff72204f000-00007ff72204ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 2ae8.132c: 00007ff722050000-00007ff722053fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 2ae8.132c: 00007ff722054000-00007ff72209bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 2ae8.132c: 00007ff72209c000-00007ffb65deffff 0x0001/0x0000 0x0000000 2ae8.132c: *00007ffb65df0000-00007ffb65df0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 2ae8.132c: 00007ffb65df1000-00007ffb65ef7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 2ae8.132c: 00007ffb65ef8000-00007ffb65f3bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 2ae8.132c: 00007ffb65f3c000-00007ffb65f44fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 2ae8.132c: 00007ffb65f45000-00007ffb65f52fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 2ae8.132c: 00007ffb65f53000-00007ffb65f53fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 2ae8.132c: 00007ffb65f54000-00007ffb65f56fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 2ae8.132c: 00007ffb65f57000-00007ffb65fc0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 2ae8.132c: 00007ffb65fc1000-00007ffffffdffff 0x0001/0x0000 0x0000000 2ae8.132c: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000 2ae8.132c: VirtualBox.exe: timestamp 0x5903619d (rc=VINF_SUCCESS) 2ae8.132c: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 2ae8.132c: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports 2ae8.132c: supR3HardNtChildPurify: Done after 589 ms and 0 fixes (loop #0). 20e8.2fb4: Log file opened: 5.1.22r115126 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa0383900 20e8.2fb4: supR3HardenedVmProcessInit: uNtDllAddr=00007ffb65df0000 g_uNtVerCombined=0xa0383900 2ae8.132c: supR3HardNtEnableThreadCreation: 20e8.2fb4: ntdll.dll: timestamp 0x5825887f (rc=VINF_SUCCESS) 20e8.2fb4: New simple heap: #1 0000000001000000 LB 0x400000 (for 1904640 allocation) 20e8.2fb4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 20e8.2fb4: System32: \Device\HarddiskVolume4\Windows\System32 20e8.2fb4: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS 20e8.2fb4: KnownDllPath: C:\WINDOWS\System32 20e8.2fb4: supR3HardenedVmProcessInit: Opening vboxdrv stub... 20e8.2fb4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk... 20e8.2fb4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk... 20e8.2fb4: Registered Dll notification callback with NTDLL. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001: [calling] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb623a0000 LB 0x0021d000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0] 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb63d50000 LB 0x000ac000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb63d50000 'C:\WINDOWS\System32\KERNEL32.DLL' 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ff721f90000 LB 0x0010c000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0] 20e8.2fb4: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'rpcrt4.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'version.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'shell32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shlwapi.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'userenv.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\privman64.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\privman64.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume4\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'profapi.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\userenv.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\userenv.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'user32.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #66 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #68 'gdi32.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shell32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shell32.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'gdi32.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume4\Windows\System32\version.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\version.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\version.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: '\Device\HarddiskVolume4\Windows\System32\win32u.dll' has no imports 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\win32u.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\win32u.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume4\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\profapi.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\privman64.dll (Input=privman64.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\privman64.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\version.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb646a0000 LB 0x00121000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb63950000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb620c0000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\VERSION.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\version.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb62e00000 LB 0x0001e000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb62e20000 LB 0x00180000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'win32u.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32full.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32full.dll 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb63f60000 LB 0x00034000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb64530000 LB 0x00165000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb64400000 LB 0x00059000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb63a60000 LB 0x000a2000 C:\WINDOWS\System32\ADVAPI32.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb63010000 LB 0x00042000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0] 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb625c0000 LB 0x000f5000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0] 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ucrtbase.dll 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb62fa0000 LB 0x0006a000 C:\WINDOWS\System32\bcryptPrimitives.dll [fFlags=0x0] 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb64000000 LB 0x002c8000 C:\WINDOWS\System32\combase.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'bcryptprimitives.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\combase.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\combase.dll 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb62270000 LB 0x0004c000 C:\WINDOWS\System32\powrprof.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\powrprof.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\powrprof.dll 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb63fa0000 LB 0x00052000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb622c0000 LB 0x0000f000 C:\WINDOWS\System32\kernel.appcore.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb622f0000 LB 0x000a9000 C:\WINDOWS\System32\shcore.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'combase.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\SHCore.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\SHCore.dll 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb622d0000 LB 0x00014000 C:\WINDOWS\System32\profapi.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb626c0000 LB 0x006da000 C:\WINDOWS\System32\windows.storage.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'combase.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #63 'profapi.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\windows.storage.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\windows.storage.dll 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb64840000 LB 0x01508000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb620a0000 LB 0x0001f000 C:\WINDOWS\SYSTEM32\USERENV.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb620d0000 LB 0x0003a000 C:\WINDOWS\System32\privman64.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\privman64.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'win32u.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imm32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb643d0000 LB 0x0002e000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb643d0000 'C:\WINDOWS\system32\IMM32.DLL' 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb623a0000 'api-ms-win-core-synch-l1-2-0' 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb623a0000 'api-ms-win-core-fibers-l1-1-1' 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb623a0000 'api-ms-win-core-fibers-l1-1-1' 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb623a0000 'api-ms-win-core-synch-l1-2-0' 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb623a0000 'api-ms-win-core-localization-l1-2-1' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb63d50000 'C:\WINDOWS\System32\kernel32.dll' 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb620d0000 'C:\WINDOWS\System32\privman64.dll' 20e8.2fb4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffb65e69fa0 pvNtTerminateThread=00007ffb65e96b20 2ae8.132c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 469 ms. 20e8.2fb4: \SystemRoot\System32\ntdll.dll: 20e8.2fb4: CreationTime: 2017-02-27T18:09:52.137253500Z 20e8.2fb4: LastWriteTime: 2017-02-27T18:09:52.165262000Z 20e8.2fb4: ChangeTime: 2017-07-14T16:19:12.473450900Z 20e8.2fb4: FileAttributes: 0x20 20e8.2fb4: Size: 0x1cc888 20e8.2fb4: NT Headers: 0xd8 20e8.2fb4: Timestamp: 0x5825887f 20e8.2fb4: Machine: 0x8664 - amd64 20e8.2fb4: Timestamp: 0x5825887f 20e8.2fb4: Image Version: 10.0 20e8.2fb4: SizeOfImage: 0x1d1000 (1904640) 20e8.2fb4: Resource Dir: 0x168000 LB 0x67988 20e8.2fb4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 20e8.2fb4: [Raw version resource data: 0x1680f0 LB 0x388, codepage 0x0 (reserved 0x0)] 20e8.2fb4: ProductName: Microsoft® Windows® Operating System 20e8.2fb4: ProductVersion: 10.0.14393.479 20e8.2fb4: FileVersion: 10.0.14393.479 (rs1_release.161110-2025) 20e8.2fb4: FileDescription: NT Layer DLL 20e8.2fb4: \SystemRoot\System32\kernel32.dll: 20e8.2fb4: CreationTime: 2017-05-31T17:24:39.430163700Z 20e8.2fb4: LastWriteTime: 2017-04-28T00:49:43.332433600Z 20e8.2fb4: ChangeTime: 2017-07-14T16:19:11.865293800Z 20e8.2fb4: FileAttributes: 0x20 20e8.2fb4: Size: 0xab208 20e8.2fb4: NT Headers: 0xf0 20e8.2fb4: Timestamp: 0x59028368 20e8.2fb4: Machine: 0x8664 - amd64 20e8.2fb4: Timestamp: 0x59028368 20e8.2fb4: Image Version: 10.0 20e8.2fb4: SizeOfImage: 0xac000 (704512) 20e8.2fb4: Resource Dir: 0xaa000 LB 0x530 20e8.2fb4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 20e8.2fb4: [Raw version resource data: 0xaa0b0 LB 0x3b4, codepage 0x0 (reserved 0x0)] 20e8.2fb4: ProductName: Microsoft® Windows® Operating System 20e8.2fb4: ProductVersion: 10.0.14393.1198 20e8.2fb4: FileVersion: 10.0.14393.1198 (rs1_release_sec.170427-1353) 20e8.2fb4: FileDescription: Windows NT BASE API Client DLL 20e8.2fb4: \SystemRoot\System32\KernelBase.dll: 20e8.2fb4: CreationTime: 2017-07-14T16:11:04.020934100Z 20e8.2fb4: LastWriteTime: 2017-06-03T10:09:08.071687200Z 20e8.2fb4: ChangeTime: 2017-07-15T16:28:38.492525100Z 20e8.2fb4: FileAttributes: 0x20 20e8.2fb4: Size: 0x21c780 20e8.2fb4: NT Headers: 0xf8 20e8.2fb4: Timestamp: 0x59327897 20e8.2fb4: Machine: 0x8664 - amd64 20e8.2fb4: Timestamp: 0x59327897 20e8.2fb4: Image Version: 10.0 20e8.2fb4: SizeOfImage: 0x21d000 (2215936) 20e8.2fb4: Resource Dir: 0x201000 LB 0x550 20e8.2fb4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 20e8.2fb4: [Raw version resource data: 0x2010b0 LB 0x3c4, codepage 0x0 (reserved 0x0)] 20e8.2fb4: ProductName: Microsoft® Windows® Operating System 20e8.2fb4: ProductVersion: 10.0.14393.1358 20e8.2fb4: FileVersion: 10.0.14393.1358 (rs1_release.170602-2252) 20e8.2fb4: FileDescription: Windows NT BASE API Client DLL 20e8.2fb4: \SystemRoot\System32\apisetschema.dll: 20e8.2fb4: CreationTime: 2016-07-16T11:42:21.577586000Z 20e8.2fb4: LastWriteTime: 2016-07-16T11:42:21.577586000Z 20e8.2fb4: ChangeTime: 2017-05-25T16:04:28.657703100Z 20e8.2fb4: FileAttributes: 0x20 20e8.2fb4: Size: 0x18960 20e8.2fb4: NT Headers: 0xc8 20e8.2fb4: Timestamp: 0x57899bd2 20e8.2fb4: Machine: 0x8664 - amd64 20e8.2fb4: Timestamp: 0x57899bd2 20e8.2fb4: Image Version: 10.0 20e8.2fb4: SizeOfImage: 0x19000 (102400) 20e8.2fb4: Resource Dir: 0x18000 LB 0x400 20e8.2fb4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 20e8.2fb4: [Raw version resource data: 0x18060 LB 0x3a0, codepage 0x0 (reserved 0x0)] 20e8.2fb4: ProductName: Microsoft® Windows® Operating System 20e8.2fb4: ProductVersion: 10.0.14393.0 20e8.2fb4: FileVersion: 10.0.14393.0 (rs1_release.160715-1616) 20e8.2fb4: FileDescription: ApiSet Schema DLL 20e8.2fb4: NtOpenDirectoryObject failed on \Driver: 0xc0000022 20e8.2fb4: supR3HardenedWinFindAdversaries: 0x10000 20e8.2fb4: \SystemRoot\System32\drivers\privman.sys: 20e8.2fb4: CreationTime: 2017-07-28T14:37:28.355320000Z 20e8.2fb4: LastWriteTime: 2017-06-22T19:55:22.000000000Z 20e8.2fb4: ChangeTime: 2017-07-31T14:22:56.861880500Z 20e8.2fb4: FileAttributes: 0x20 20e8.2fb4: Size: 0x10630 20e8.2fb4: NT Headers: 0x100 20e8.2fb4: Timestamp: 0x594be0d5 20e8.2fb4: Machine: 0x8664 - amd64 20e8.2fb4: Timestamp: 0x594be0d5 20e8.2fb4: Image Version: 6.1 20e8.2fb4: SizeOfImage: 0xf000 (61440) 20e8.2fb4: Resource Dir: 0xb000 LB 0x2fa8 20e8.2fb4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x0)] 20e8.2fb4: [Raw version resource data: 0xb0a0 LB 0x33c, codepage 0x0 (reserved 0x0)] 20e8.2fb4: ProductName: PowerBroker for Windows 20e8.2fb4: ProductVersion: 7.3.0.0 20e8.2fb4: FileVersion: 7.3.0.0 20e8.2fb4: FileDescription: PowerBroker for Windows 20e8.2fb4: \SystemRoot\System32\privman64.dll: 20e8.2fb4: CreationTime: 2017-06-22T17:52:44.000000000Z 20e8.2fb4: LastWriteTime: 2017-06-22T17:52:44.000000000Z 20e8.2fb4: ChangeTime: 2017-07-31T14:22:56.868895000Z 20e8.2fb4: FileAttributes: 0x20 20e8.2fb4: Size: 0x39100 20e8.2fb4: NT Headers: 0xf8 20e8.2fb4: Timestamp: 0x594be02a 20e8.2fb4: Machine: 0x8664 - amd64 20e8.2fb4: Timestamp: 0x594be02a 20e8.2fb4: Image Version: 0.0 20e8.2fb4: SizeOfImage: 0x3a000 (237568) 20e8.2fb4: Resource Dir: 0x38000 LB 0x578 20e8.2fb4: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x0)] 20e8.2fb4: [Raw version resource data: 0x380a0 LB 0x37c, codepage 0x4e4 (reserved 0x0)] 20e8.2fb4: ProductName: PowerBroker for Windows 20e8.2fb4: ProductVersion: 7.3.0.0 20e8.2fb4: FileVersion: 7.3.0.0 20e8.2fb4: FileDescription: BeyondTrust PowerBroker for Windows DLL 20e8.2fb4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 20e8.2fb4: Calling main() 20e8.2fb4: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 20e8.2fb4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 20e8.2fb4: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe) 20e8.2fb4: SUPR3HardenedMain: Respawn #2 20e8.2fb4: Error (rc=-5640): 20e8.2fb4: More than one thread in process 20e8.2fb4: Error -5640 in supR3HardenedWinReSpawn! (enmWhat=1) 20e8.2fb4: More than one thread in process 20e8.2fb4: supR3HardNtEnableThreadCreation: 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmm.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmm.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleaut32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleaut32.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'combase.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ole32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ole32.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\opengl32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\opengl32.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume4\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'dciman32.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\ddraw.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ddraw.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\glu32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\glu32.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ws2_32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ws2_32.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\mpr.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\mpr.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'shlwapi.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'comctl32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'shell32.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\comdlg32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comdlg32.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume4\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'bcrypt.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\winspool.drv) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winspool.drv 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmmbase.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmmbase.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comctl32.dll' [rcNtRedir=0x0] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\comctl32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comctl32.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume4\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\dciman32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dciman32.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01: [calling] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ddraw.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.14393.447_none_0d5aa7fbb6d35646\comctl32.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.14393.447_none_0d5aa7fbb6d35646\comctl32.dll 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dciman32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb4bf90000 LB 0x00008000 C:\WINDOWS\SYSTEM32\DCIMAN32.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dciman32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb4bfa0000 LB 0x000f7000 C:\WINDOWS\SYSTEM32\DDRAW.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ddraw.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb4c0a0000 LB 0x0002d000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb4c0d0000 LB 0x00123000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00000000777f0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00000000778d0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb63cc0000 LB 0x0006a000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb32910000 LB 0x0053d000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb63b80000 LB 0x00138000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb5a400000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 0000000075f80000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb32310000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 0000000075a10000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb61dd0000 LB 0x0002b000 C:\WINDOWS\SYSTEM32\bcrypt.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb581e0000 LB 0x00086000 C:\WINDOWS\SYSTEM32\WINSPOOL.DRV [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb2e3c0000 LB 0x000ac000 C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.14393.447_none_0d5aa7fbb6d35646\COMCTL32.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.14393.447_none_0d5aa7fbb6d35646\comctl32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb642d0000 LB 0x000fa000 C:\WINDOWS\System32\COMDLG32.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\comdlg32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb437f0000 LB 0x00051000 C:\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 0000000077790000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb63230000 LB 0x0009c000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb64460000 LB 0x000bf000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb60610000 LB 0x0002b000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb60670000 LB 0x00023000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb27310000 LB 0x008ea000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb32910000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb643d0000 'C:\WINDOWS\System32\imm32.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb63d50000 'C:\WINDOWS\System32\kernel32.dll' 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb623a0000 'api-ms-win-core-string-l1-1-0' 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb623a0000 'api-ms-win-core-datetime-l1-1-1' 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb623a0000 'api-ms-win-core-localization-obsolete-l1-2-0' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb63a60000 'C:\WINDOWS\System32\ADVAPI32.DLL' 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb61ce0000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb27310000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll' 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb3a920000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb3a920000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll' 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'user32.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\uxtheme.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\uxtheme.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb608c0000 LB 0x00095000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb608c0000 'C:\WINDOWS\system32\uxtheme.dll' 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\PGPhk.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\PGPhk.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\SYSTEM32\PGPhk.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\PGPhk.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb4d800000 LB 0x00010000 C:\WINDOWS\SYSTEM32\PGPhk.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\PGPhk.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4d800000 'C:\WINDOWS\SYSTEM32\PGPhk.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb64530000 'C:\WINDOWS\system32\user32.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb64840000 'C:\WINDOWS\system32\shell32.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb622f0000 'C:\WINDOWS\system32\SHCore.dll' 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\WINDOWS\system32\wintab32.dll' 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'win32u.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'gdi32.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dwmapi.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dwmapi.dll 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb5fdb0000 LB 0x00026000 C:\WINDOWS\system32\dwmapi.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dwmapi.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb60670000 'C:\WINDOWS\system32\winmm.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb60670000 'C:\WINDOWS\system32\winmm.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb64840000 'C:\WINDOWS\system32\shell32.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb608c0000 'C:\WINDOWS\system32\uxtheme.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb63f60000 'C:\WINDOWS\system32\gdi32.dll' 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb63e00000 LB 0x0015a000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'oleaut32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'user32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'imm32.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msctf.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb646a0000 'C:\WINDOWS\System32\rpcrt4.dll' 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb65d50000 LB 0x0009f000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\clbcatq.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\clbcatq.dll 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'combase.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'd3d11.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'dcomp.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\DataExchange.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DataExchange.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume4\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dcomp.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dcomp.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume4\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'dxgi.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'win32u.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\d3d11.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\d3d11.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume4\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dxgi.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dxgi.dll 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb61190000 LB 0x0009f000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb5e880000 LB 0x002b6000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb5ff20000 LB 0x00151000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb3dae0000 LB 0x00049000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb3dae0000 'C:\WINDOWS\system32\dataexchange.dll' 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'bcrypt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'combase.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll 20e8.2fb4: supR3HardenedDllNotificationCallback: load 00007ffb60b70000 LB 0x0011c000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0] 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'devobj.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'propsys.dll'. 20e8.42a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll) 20e8.42a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'cfgmgr32.dll'. 20e8.42a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\devobj.dll) 20e8.42a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\devobj.dll 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume4\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'oleaut32.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'. 20e8.42a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\propsys.dll) 20e8.42a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\propsys.dll 20e8.42a8: supR3HardenedDllNotificationCallback: load 00007ffb60d60000 LB 0x00028000 C:\WINDOWS\SYSTEM32\DEVOBJ.dll [fFlags=0x0] 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedDllNotificationCallback: load 00007ffb5a550000 LB 0x00185000 C:\WINDOWS\SYSTEM32\PROPSYS.dll [fFlags=0x0] 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\propsys.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedDllNotificationCallback: load 00007ffb534a0000 LB 0x00071000 C:\WINDOWS\SYSTEM32\MMDevAPI.DLL [fFlags=0x0] 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'ksuser.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'avrt.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'mmdevapi.dll'. 20e8.42a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\wdmaud.drv) 20e8.42a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wdmaud.drv 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\avrt.dll) 20e8.42a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\avrt.dll 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume4\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'oleaut32.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'. 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\propsys.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 20e8.42a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ksuser.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ksuser.dll 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.2fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.2fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb63e00000 'C:\WINDOWS\System32\MSCTF.dll' 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedDllNotificationCallback: load 00007ffb5e4c0000 LB 0x00009000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0] 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedDllNotificationCallback: load 00007ffb5ed20000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0] 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedDllNotificationCallback: load 00007ffb36bc0000 LB 0x0003f000 C:\WINDOWS\System32\wdmaud.drv [fFlags=0x0] 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb534a0000 'C:\WINDOWS\System32\MMDEVAPI.DLL' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'mmdevapi.dll'. 20e8.42a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\AudioSes.dll) 20e8.42a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\AudioSes.dll 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 20e8.42a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'bcryptprimitives.dll'. 20e8.42a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\WinTypes.dll) 20e8.42a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\WinTypes.dll 20e8.42a8: supR3HardenedDllNotificationCallback: load 00007ffb5eb40000 LB 0x00136000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0] 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\WinTypes.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedDllNotificationCallback: load 00007ffb49390000 LB 0x00094000 C:\WINDOWS\System32\AUDIOSES.DLL [fFlags=0x0] 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb49390000 'C:\WINDOWS\System32\AUDIOSES.DLL' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb36bc0000 'C:\WINDOWS\System32\wdmaud.drv' 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'mmdevapi.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msacm32.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmmbase.dll'. 20e8.42a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\msacm32.drv) 20e8.42a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.drv 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.42a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.dll) 20e8.42a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.dll 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedDllNotificationCallback: load 00007ffb4a4e0000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0] 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedDllNotificationCallback: load 00007ffb4d200000 LB 0x0000d000 C:\WINDOWS\System32\msacm32.drv [fFlags=0x0] 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4d200000 'C:\WINDOWS\System32\msacm32.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4d200000 'C:\WINDOWS\System32\msacm32.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4d200000 'C:\WINDOWS\System32\msacm32.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4d200000 'C:\WINDOWS\System32\msacm32.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4d200000 'C:\WINDOWS\System32\msacm32.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4d200000 'C:\WINDOWS\System32\msacm32.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4d200000 'C:\WINDOWS\System32\msacm32.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4d200000 'C:\WINDOWS\System32\msacm32.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4d200000 'C:\WINDOWS\System32\msacm32.drv' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4d200000 'C:\WINDOWS\System32\msacm32.drv' 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 20e8.42a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'winmm.dll'. 20e8.42a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\midimap.dll) 20e8.42a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\midimap.dll 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 20e8.42a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 20e8.42a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedDllNotificationCallback: load 00007ffb4b9c0000 LB 0x0000a000 C:\WINDOWS\System32\midimap.dll [fFlags=0x0] 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4b9c0000 'C:\WINDOWS\System32\midimap.dll' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4b9c0000 'C:\WINDOWS\System32\midimap.dll' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4b9c0000 'C:\WINDOWS\System32\midimap.dll' 20e8.42a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 20e8.42a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb4b9c0000 'C:\WINDOWS\System32\midimap.dll' 20e8.473c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 20e8.473c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] 20e8.473c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb534a0000 'C:\WINDOWS\System32\MMDevApi.dll' 20e8.2fb4: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports 20e8.2fb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntdll.dll) 20e8.2fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntdll.dll 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb65df0000 'C:\WINDOWS\System32\ntdll.dll' 20e8.2fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntdll.dll [lacks WinVerifyTrust] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 20e8.2fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb65df0000 'C:\WINDOWS\System32\ntdll.dll' 2ae8.132c: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 2154 ms, the end);