1598.16a4: Log file opened: 5.2.6r120293 g_hStartupLog=0000000000000058 g_uNtVerCombined=0xa0295a00 1598.16a4: \SystemRoot\System32\ntdll.dll: 1598.16a4: CreationTime: 2016-06-27T06:51:40.991608700Z 1598.16a4: LastWriteTime: 2016-04-23T05:24:28.464629900Z 1598.16a4: ChangeTime: 2016-07-01T15:08:11.412154900Z 1598.16a4: FileAttributes: 0x20 1598.16a4: Size: 0x1bc248 1598.16a4: NT Headers: 0xe0 1598.16a4: Timestamp: 0x571af2eb 1598.16a4: Machine: 0x8664 - amd64 1598.16a4: Timestamp: 0x571af2eb 1598.16a4: Image Version: 10.0 1598.16a4: SizeOfImage: 0x1c1000 (1839104) 1598.16a4: Resource Dir: 0x159000 LB 0x66218 1598.16a4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 1598.16a4: [Raw version resource data: 0x1590f0 LB 0x390, codepage 0x0 (reserved 0x0)] 1598.16a4: ProductName: Microsoft® Windows® Operating System 1598.16a4: ProductVersion: 10.0.10586.306 1598.16a4: FileVersion: 10.0.10586.306 (th2_release_sec.160422-1850) 1598.16a4: FileDescription: NT Layer DLL 1598.16a4: \SystemRoot\System32\kernel32.dll: 1598.16a4: CreationTime: 2015-10-30T07:17:46.221743200Z 1598.16a4: LastWriteTime: 2015-10-30T07:17:46.221743200Z 1598.16a4: ChangeTime: 2015-11-25T22:08:20.766286700Z 1598.16a4: FileAttributes: 0x20 1598.16a4: Size: 0xac430 1598.16a4: NT Headers: 0xf0 1598.16a4: Timestamp: 0x5632d5aa 1598.16a4: Machine: 0x8664 - amd64 1598.16a4: Timestamp: 0x5632d5aa 1598.16a4: Image Version: 10.0 1598.16a4: SizeOfImage: 0xad000 (708608) 1598.16a4: Resource Dir: 0xab000 LB 0x528 1598.16a4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 1598.16a4: [Raw version resource data: 0xab0b0 LB 0x3ac, codepage 0x0 (reserved 0x0)] 1598.16a4: ProductName: Microsoft® Windows® Operating System 1598.16a4: ProductVersion: 10.0.10586.0 1598.16a4: FileVersion: 10.0.10586.0 (th2_release.151029-1700) 1598.16a4: FileDescription: Windows NT BASE API Client DLL 1598.16a4: \SystemRoot\System32\KernelBase.dll: 1598.16a4: CreationTime: 2016-07-29T09:44:42.680633300Z 1598.16a4: LastWriteTime: 2016-07-01T04:49:21.864958900Z 1598.16a4: ChangeTime: 2016-07-29T10:18:23.334566300Z 1598.16a4: FileAttributes: 0x20 1598.16a4: Size: 0x1e7a10 1598.16a4: NT Headers: 0xf0 1598.16a4: Timestamp: 0x5775e4c5 1598.16a4: Machine: 0x8664 - amd64 1598.16a4: Timestamp: 0x5775e4c5 1598.16a4: Image Version: 10.0 1598.16a4: SizeOfImage: 0x1e8000 (1998848) 1598.16a4: Resource Dir: 0x1d1000 LB 0x548 1598.16a4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 1598.16a4: [Raw version resource data: 0x1d10b0 LB 0x3cc, codepage 0x0 (reserved 0x0)] 1598.16a4: ProductName: Microsoft® Windows® Operating System 1598.16a4: ProductVersion: 10.0.10586.494 1598.16a4: FileVersion: 10.0.10586.494 (th2_release_sec.160630-1736) 1598.16a4: FileDescription: Windows NT BASE API Client DLL 1598.16a4: \SystemRoot\System32\apisetschema.dll: 1598.16a4: CreationTime: 2015-10-30T07:17:57.502957900Z 1598.16a4: LastWriteTime: 2015-10-30T07:17:57.502957900Z 1598.16a4: ChangeTime: 2015-11-25T22:08:14.375155000Z 1598.16a4: FileAttributes: 0x20 1598.16a4: Size: 0x16d60 1598.16a4: NT Headers: 0xc8 1598.16a4: Timestamp: 0x5632d94c 1598.16a4: Machine: 0x8664 - amd64 1598.16a4: Timestamp: 0x5632d94c 1598.16a4: Image Version: 10.0 1598.16a4: SizeOfImage: 0x18000 (98304) 1598.16a4: Resource Dir: 0x17000 LB 0x400 1598.16a4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 1598.16a4: [Raw version resource data: 0x17060 LB 0x3a0, codepage 0x0 (reserved 0x0)] 1598.16a4: ProductName: Microsoft® Windows® Operating System 1598.16a4: ProductVersion: 10.0.10586.0 1598.16a4: FileVersion: 10.0.10586.0 (th2_release.151029-1700) 1598.16a4: FileDescription: ApiSet Schema DLL 1598.16a4: NtOpenDirectoryObject failed on \Driver: 0xc0000022 1598.16a4: supR3HardenedWinFindAdversaries: 0x0 1598.16a4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 1598.16a4: Calling main() 1598.16a4: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 1598.16a4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 1598.16a4: SUPR3HardenedMain: Respawn #1 1598.16a4: System32: \Device\HarddiskVolume4\Windows\System32 1598.16a4: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS 1598.16a4: KnownDllPath: C:\WINDOWS\system32 1598.16a4: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1598.16a4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe) 1598.16a4: supR3HardNtEnableThreadCreation: 1598.16a4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa5eae6d50 pvNtTerminateThread=00007ffa5eb15b30 1598.16a4: supR3HardenedWinDoReSpawn(1): New child 1ae0.1814 [kernel32]. 1598.16a4: supR3HardNtChildGatherData: PebBaseAddress=00000000003ab000 cbPeb=0x388 1598.16a4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffa5ea70000 uNtDllChildAddr=00007ffa5ea70000 1598.16a4: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffa5eae6d50 1598.16a4: supR3HardenedWinSetupChildInit: Start child. 1598.16a4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. 1598.16a4: supR3HardNtChildPurify: Startup delay kludge #1/0: 266 ms, 16 sleeps 1598.16a4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 1598.16a4: *0000000000000000-000000000019ffff 0x0001/0x0000 0x0000000 1598.16a4: *00000000001a0000-00000000001bffff 0x0004/0x0004 0x0020000 1598.16a4: *00000000001c0000-00000000001d4fff 0x0002/0x0002 0x0040000 1598.16a4: 00000000001d5000-00000000001dffff 0x0001/0x0000 0x0000000 1598.16a4: *00000000001e0000-00000000001e3fff 0x0002/0x0002 0x0040000 1598.16a4: 00000000001e4000-00000000001effff 0x0001/0x0000 0x0000000 1598.16a4: *00000000001f0000-00000000001f1fff 0x0004/0x0004 0x0020000 1598.16a4: 00000000001f2000-00000000001fffff 0x0001/0x0000 0x0000000 1598.16a4: *0000000000200000-00000000003aafff 0x0000/0x0004 0x0020000 1598.16a4: 00000000003ab000-00000000003adfff 0x0004/0x0004 0x0020000 1598.16a4: 00000000003ae000-00000000003fffff 0x0000/0x0004 0x0020000 1598.16a4: *0000000000400000-00000000004fafff 0x0000/0x0004 0x0020000 1598.16a4: 00000000004fb000-00000000004fdfff 0x0104/0x0004 0x0020000 1598.16a4: 00000000004fe000-00000000004fffff 0x0004/0x0004 0x0020000 1598.16a4: 0000000000500000-000000007ffdffff 0x0001/0x0000 0x0000000 1598.16a4: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 1598.16a4: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000 1598.16a4: 000000007fff0000-00007ff75748ffff 0x0001/0x0000 0x0000000 1598.16a4: *00007ff757490000-00007ff7574b2fff 0x0002/0x0002 0x0040000 1598.16a4: 00007ff7574b3000-00007ff7576dffff 0x0001/0x0000 0x0000000 1598.16a4: *00007ff7576e0000-00007ff7576e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 1598.16a4: 00007ff7576e1000-00007ff757751fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 1598.16a4: 00007ff757752000-00007ff757752fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 1598.16a4: 00007ff757753000-00007ff757798fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 1598.16a4: 00007ff757799000-00007ff757799fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 1598.16a4: 00007ff75779a000-00007ff75779afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 1598.16a4: 00007ff75779b000-00007ff75779ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 1598.16a4: 00007ff7577a0000-00007ff7577a0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 1598.16a4: 00007ff7577a1000-00007ff7577a1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 1598.16a4: 00007ff7577a2000-00007ff7577a5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 1598.16a4: 00007ff7577a6000-00007ff7577edfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 1598.16a4: 00007ff7577ee000-00007ffa5ea6ffff 0x0001/0x0000 0x0000000 1598.16a4: *00007ffa5ea70000-00007ffa5ea70fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 1598.16a4: 00007ffa5ea71000-00007ffa5eb6dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 1598.16a4: 00007ffa5eb6e000-00007ffa5ebaefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 1598.16a4: 00007ffa5ebaf000-00007ffa5ebb4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 1598.16a4: 00007ffa5ebb5000-00007ffa5ebb5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 1598.16a4: 00007ffa5ebb6000-00007ffa5ebb7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 1598.16a4: 00007ffa5ebb8000-00007ffa5ebc4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 1598.16a4: 00007ffa5ebc5000-00007ffa5ebc5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 1598.16a4: 00007ffa5ebc6000-00007ffa5ebc8fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 1598.16a4: 00007ffa5ebc9000-00007ffa5ec30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 1598.16a4: 00007ffa5ec31000-00007ffffffdffff 0x0001/0x0000 0x0000000 1598.16a4: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000 1598.16a4: VirtualBox.exe: timestamp 0x5a5cc1cb (rc=VINF_SUCCESS) 1598.16a4: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1598.16a4: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports 1598.16a4: supR3HardNtChildPurify: Done after 328 ms and 0 fixes (loop #0). 1ae0.1814: Log file opened: 5.2.6r120293 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa0295a00 1ae0.1814: supR3HardenedVmProcessInit: uNtDllAddr=00007ffa5ea70000 g_uNtVerCombined=0xa0295a00 1ae0.1814: ntdll.dll: timestamp 0x571af2eb (rc=VINF_SUCCESS) 1ae0.1814: New simple heap: #1 0000000000600000 LB 0x400000 (for 1839104 allocation) 1598.16a4: supR3HardNtEnableThreadCreation: 1ae0.1814: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 1ae0.1814: System32: \Device\HarddiskVolume4\Windows\System32 1ae0.1814: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS 1ae0.1814: KnownDllPath: C:\WINDOWS\system32 1ae0.1814: supR3HardenedVmProcessInit: Opening vboxdrv stub... 1ae0.1814: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk... 1ae0.1814: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk... 1ae0.1814: Registered Dll notification callback with NTDLL. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801: [calling] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5b950000 LB 0x001e8000 C:\WINDOWS\system32\KERNELBASE.dll [fFlags=0x0] 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5be70000 LB 0x000ad000 C:\WINDOWS\system32\KERNEL32.DLL [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa5be70000 'C:\WINDOWS\system32\KERNEL32.DLL' 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ff7576e0000 LB 0x0010e000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0] 1ae0.1814: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ae0.1814: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa5eae6d50 pvNtTerminateThread=00007ffa5eb15b30 1598.16a4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 78 ms. 1ae0.1814: \SystemRoot\System32\ntdll.dll: 1ae0.1814: CreationTime: 2016-06-27T06:51:40.991608700Z 1ae0.1814: LastWriteTime: 2016-04-23T05:24:28.464629900Z 1ae0.1814: ChangeTime: 2016-07-01T15:08:11.412154900Z 1ae0.1814: FileAttributes: 0x20 1ae0.1814: Size: 0x1bc248 1ae0.1814: NT Headers: 0xe0 1ae0.1814: Timestamp: 0x571af2eb 1ae0.1814: Machine: 0x8664 - amd64 1ae0.1814: Timestamp: 0x571af2eb 1ae0.1814: Image Version: 10.0 1ae0.1814: SizeOfImage: 0x1c1000 (1839104) 1ae0.1814: Resource Dir: 0x159000 LB 0x66218 1ae0.1814: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 1ae0.1814: [Raw version resource data: 0x1590f0 LB 0x390, codepage 0x0 (reserved 0x0)] 1ae0.1814: ProductName: Microsoft® Windows® Operating System 1ae0.1814: ProductVersion: 10.0.10586.306 1ae0.1814: FileVersion: 10.0.10586.306 (th2_release_sec.160422-1850) 1ae0.1814: FileDescription: NT Layer DLL 1ae0.1814: \SystemRoot\System32\kernel32.dll: 1ae0.1814: CreationTime: 2015-10-30T07:17:46.221743200Z 1ae0.1814: LastWriteTime: 2015-10-30T07:17:46.221743200Z 1ae0.1814: ChangeTime: 2015-11-25T22:08:20.766286700Z 1ae0.1814: FileAttributes: 0x20 1ae0.1814: Size: 0xac430 1ae0.1814: NT Headers: 0xf0 1ae0.1814: Timestamp: 0x5632d5aa 1ae0.1814: Machine: 0x8664 - amd64 1ae0.1814: Timestamp: 0x5632d5aa 1ae0.1814: Image Version: 10.0 1ae0.1814: SizeOfImage: 0xad000 (708608) 1ae0.1814: Resource Dir: 0xab000 LB 0x528 1ae0.1814: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 1ae0.1814: [Raw version resource data: 0xab0b0 LB 0x3ac, codepage 0x0 (reserved 0x0)] 1ae0.1814: ProductName: Microsoft® Windows® Operating System 1ae0.1814: ProductVersion: 10.0.10586.0 1ae0.1814: FileVersion: 10.0.10586.0 (th2_release.151029-1700) 1ae0.1814: FileDescription: Windows NT BASE API Client DLL 1ae0.1814: \SystemRoot\System32\KernelBase.dll: 1ae0.1814: CreationTime: 2016-07-29T09:44:42.680633300Z 1ae0.1814: LastWriteTime: 2016-07-01T04:49:21.864958900Z 1ae0.1814: ChangeTime: 2016-07-29T10:18:23.334566300Z 1ae0.1814: FileAttributes: 0x20 1ae0.1814: Size: 0x1e7a10 1ae0.1814: NT Headers: 0xf0 1ae0.1814: Timestamp: 0x5775e4c5 1ae0.1814: Machine: 0x8664 - amd64 1ae0.1814: Timestamp: 0x5775e4c5 1ae0.1814: Image Version: 10.0 1ae0.1814: SizeOfImage: 0x1e8000 (1998848) 1ae0.1814: Resource Dir: 0x1d1000 LB 0x548 1ae0.1814: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 1ae0.1814: [Raw version resource data: 0x1d10b0 LB 0x3cc, codepage 0x0 (reserved 0x0)] 1ae0.1814: ProductName: Microsoft® Windows® Operating System 1ae0.1814: ProductVersion: 10.0.10586.494 1ae0.1814: FileVersion: 10.0.10586.494 (th2_release_sec.160630-1736) 1ae0.1814: FileDescription: Windows NT BASE API Client DLL 1ae0.1814: \SystemRoot\System32\apisetschema.dll: 1ae0.1814: CreationTime: 2015-10-30T07:17:57.502957900Z 1ae0.1814: LastWriteTime: 2015-10-30T07:17:57.502957900Z 1ae0.1814: ChangeTime: 2015-11-25T22:08:14.375155000Z 1ae0.1814: FileAttributes: 0x20 1ae0.1814: Size: 0x16d60 1ae0.1814: NT Headers: 0xc8 1ae0.1814: Timestamp: 0x5632d94c 1ae0.1814: Machine: 0x8664 - amd64 1ae0.1814: Timestamp: 0x5632d94c 1ae0.1814: Image Version: 10.0 1ae0.1814: SizeOfImage: 0x18000 (98304) 1ae0.1814: Resource Dir: 0x17000 LB 0x400 1ae0.1814: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 1ae0.1814: [Raw version resource data: 0x17060 LB 0x3a0, codepage 0x0 (reserved 0x0)] 1ae0.1814: ProductName: Microsoft® Windows® Operating System 1ae0.1814: ProductVersion: 10.0.10586.0 1ae0.1814: FileVersion: 10.0.10586.0 (th2_release.151029-1700) 1ae0.1814: FileDescription: ApiSet Schema DLL 1ae0.1814: NtOpenDirectoryObject failed on \Driver: 0xc0000022 1ae0.1814: supR3HardenedWinFindAdversaries: 0x0 1ae0.1814: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 1ae0.1814: Calling main() 1ae0.1814: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 1ae0.1814: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 1ae0.1814: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe) 1ae0.1814: SUPR3HardenedMain: Respawn #2 1ae0.1814: supR3HardNtEnableThreadCreation: 1ae0.1814: Error -104 in supR3HardenedWinReSpawn! (enmWhat=5) 1ae0.1814: Error relaunching VirtualBox VM process: 5 Command line: '60eaff78-4bdd-042d-2e72-669728efd737-suplib-3rdchild --comment "controleur de domaine" --startvm 2877ae3f-8038-4eea-87f8-fdacf324a55d --no-startvm-errormsgbox "--sup-hardening-log=C:\Users\clementbr\VirtualBox VMs\controleur de domaine\Logs\VBoxHardening.log"' 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'user32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmm.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmm.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleaut32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleaut32.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'gdi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'user32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'combase.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ole32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ole32.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #65 'user32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #67 'gdi32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shell32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shell32.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\opengl32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\opengl32.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume4\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'user32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'gdi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'dciman32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\ddraw.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ddraw.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\glu32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\glu32.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ws2_32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ws2_32.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\mpr.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\mpr.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'user32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'shlwapi.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'gdi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'comctl32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'shell32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'firewallapi.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'netapi32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\comdlg32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comdlg32.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume4\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'bcrypt.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\winspool.drv) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winspool.drv 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume4\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'bcryptprimitives.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\combase.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\combase.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmmbase.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmmbase.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netapi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'netapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\netapi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\netapi32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\netapi32.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'firewallapi.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'firewallapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\firewallapi.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\FirewallAPI.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\FirewallAPI.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comctl32.dll' [rcNtRedir=0x0] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\comctl32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comctl32.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'gdi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'user32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume4\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\dciman32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dciman32.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01: [calling] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ddraw.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dciman32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\davhlpr.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\davhlpr.dll 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5e670000 LB 0x0009d000 C:\WINDOWS\system32\msvcrt.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5ce70000 LB 0x0011c000 C:\WINDOWS\system32\RPCRT4.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5c7c0000 LB 0x0005b000 C:\WINDOWS\system32\sechost.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5c840000 LB 0x000a7000 C:\WINDOWS\system32\ADVAPI32.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5c8f0000 LB 0x00156000 C:\WINDOWS\system32\USER32.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5cce0000 LB 0x00186000 C:\WINDOWS\system32\GDI32.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa4d8c0000 LB 0x00008000 C:\WINDOWS\SYSTEM32\DCIMAN32.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dciman32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa35ac0000 LB 0x000fa000 C:\WINDOWS\SYSTEM32\DDRAW.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ddraw.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa4da40000 LB 0x0002e000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa361c0000 LB 0x00129000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 0000000051300000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00000000513e0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5ca50000 LB 0x0006b000 C:\WINDOWS\system32\WS2_32.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa36d30000 LB 0x00590000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5b820000 LB 0x00043000 C:\WINDOWS\system32\cfgmgr32.dll [fFlags=0x0] 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5bb40000 LB 0x0006a000 C:\WINDOWS\system32\bcryptPrimitives.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5e7f0000 LB 0x0027d000 C:\WINDOWS\system32\combase.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5d0a0000 LB 0x00052000 C:\WINDOWS\system32\shlwapi.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5b090000 LB 0x0000f000 C:\WINDOWS\system32\kernel.appcore.dll [fFlags=0x0] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5b890000 LB 0x000b5000 C:\WINDOWS\system32\shcore.dll [fFlags=0x0] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'combase.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\SHCore.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\SHCore.dll 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5b0d0000 LB 0x0004b000 C:\WINDOWS\system32\powrprof.dll [fFlags=0x0] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\powrprof.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\powrprof.dll 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5b0b0000 LB 0x00014000 C:\WINDOWS\system32\profapi.dll [fFlags=0x0] 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\profapi.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5b1d0000 LB 0x00645000 C:\WINDOWS\system32\windows.storage.dll [fFlags=0x0] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #59 'combase.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #66 'profapi.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\windows.storage.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\windows.storage.dll 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5d100000 LB 0x0155c000 C:\WINDOWS\system32\SHELL32.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5c080000 LB 0x00143000 C:\WINDOWS\system32\ole32.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa497a0000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 0000000050d90000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa35bc0000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 0000000050820000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5ac90000 LB 0x00029000 C:\WINDOWS\SYSTEM32\bcrypt.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa4c4f0000 LB 0x00084000 C:\WINDOWS\SYSTEM32\WINSPOOL.DRV [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa35a10000 LB 0x000aa000 C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\COMCTL32.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5bbb0000 LB 0x00086000 C:\WINDOWS\system32\FirewallAPI.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\FirewallAPI.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5b870000 LB 0x00017000 C:\WINDOWS\system32\NETAPI32.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\netapi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa4c5f0000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\DAVHLPR.DLL [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\davhlpr.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5cf90000 LB 0x0010b000 C:\WINDOWS\system32\COMDLG32.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\comdlg32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa38270000 LB 0x00051000 C:\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00000000507c0000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5e720000 LB 0x000c1000 C:\WINDOWS\system32\OLEAUT32.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa59530000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa59590000 LB 0x00023000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa362f0000 LB 0x00a33000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imm32.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5c1d0000 LB 0x0003b000 C:\WINDOWS\system32\IMM32.DLL [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa5c1d0000 'C:\WINDOWS\system32\IMM32.DLL' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa36d30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa5c1d0000 'C:\WINDOWS\system32\imm32.dll' 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\fwbase.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\fwbase.dll 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa59c10000 LB 0x00032000 C:\WINDOWS\SYSTEM32\fwbase.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\fwbase.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa5c840000 'C:\WINDOWS\system32\ADVAPI32.DLL' 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5ab90000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa362f0000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa5be70000 'C:\WINDOWS\system32\kernel32.dll' 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa358e0000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa358e0000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll' 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'user32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\uxtheme.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\uxtheme.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa599c0000 LB 0x00096000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa599c0000 'C:\WINDOWS\system32\uxtheme.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa5c8f0000 'C:\WINDOWS\system32\user32.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa5d100000 'C:\WINDOWS\system32\shell32.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa5b890000 'C:\WINDOWS\system32\SHCore.dll' 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\wintab32.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa5c8f0000 'C:\WINDOWS\system32\user32.dll' 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'user32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'gdi32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\dwmapi.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dwmapi.dll 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa58a80000 LB 0x00022000 C:\WINDOWS\system32\dwmapi.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dwmapi.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa59590000 'C:\WINDOWS\system32\winmm.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa59590000 'C:\WINDOWS\system32\winmm.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa5d100000 'C:\WINDOWS\system32\shell32.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa599c0000 'C:\WINDOWS\system32\uxtheme.dll' 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa5cce0000 'C:\WINDOWS\system32\gdi32.dll' 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5bf20000 LB 0x0015a000 C:\WINDOWS\system32\MSCTF.dll [fFlags=0x0] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'imm32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msctf.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa5ce70000 'C:\WINDOWS\system32\rpcrt4.dll' 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa5c700000 LB 0x000a7000 C:\WINDOWS\system32\clbcatq.dll [fFlags=0x0] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\clbcatq.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\clbcatq.dll 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'combase.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'd3d11.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'dcomp.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\DataExchange.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DataExchange.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume4\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dcomp.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dcomp.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume4\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'dxgi.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\d3d11.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\d3d11.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume4\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dxgi.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dxgi.dll 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.1814: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa586e0000 LB 0x000a2000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa587b0000 LB 0x002a8000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa590c0000 LB 0x000e3000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa3fd40000 LB 0x0004a000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll [lacks WinVerifyTrust] 1ae0.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa3fd40000 'C:\WINDOWS\system32\dataexchange.dll' 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'bcrypt.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'. 1ae0.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'combase.dll'. 1ae0.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll) 1ae0.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll 1ae0.1814: supR3HardenedDllNotificationCallback: load 00007ffa598c0000 LB 0x00100000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0] 1ae0.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'devobj.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'propsys.dll'. 1ae0.10a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll) 1ae0.10a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'cfgmgr32.dll'. 1ae0.10a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\devobj.dll) 1ae0.10a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\devobj.dll 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'. 1ae0.10a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\propsys.dll) 1ae0.10a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\propsys.dll 1ae0.10a8: supR3HardenedDllNotificationCallback: load 00007ffa59890000 LB 0x00027000 C:\WINDOWS\SYSTEM32\DEVOBJ.dll [fFlags=0x0] 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedDllNotificationCallback: load 00007ffa56d60000 LB 0x00186000 C:\WINDOWS\SYSTEM32\PROPSYS.dll [fFlags=0x0] 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\propsys.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedDllNotificationCallback: load 00007ffa57a30000 LB 0x00070000 C:\WINDOWS\SYSTEM32\MMDevAPI.DLL [fFlags=0x0] 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'ksuser.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'winmm.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'avrt.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'mmdevapi.dll'. 1ae0.10a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\wdmaud.drv) 1ae0.10a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wdmaud.drv 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\avrt.dll) 1ae0.10a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\avrt.dll 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume4\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.10a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ksuser.dll) 1ae0.10a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ksuser.dll 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume4\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\propsys.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedDllNotificationCallback: load 00007ffa56860000 LB 0x00008000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0] 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedDllNotificationCallback: load 00007ffa56f10000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0] 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedDllNotificationCallback: load 00007ffa595f0000 LB 0x00042000 C:\WINDOWS\system32\wdmaud.drv [fFlags=0x0] 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595f0000 'C:\WINDOWS\system32\wdmaud.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595f0000 'C:\WINDOWS\system32\wdmaud.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa57a30000 'C:\WINDOWS\system32\MMDEVAPI.DLL' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595f0000 'C:\WINDOWS\system32\wdmaud.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595f0000 'C:\WINDOWS\system32\wdmaud.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595f0000 'C:\WINDOWS\system32\wdmaud.drv' 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'mmdevapi.dll'. 1ae0.10a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\AudioSes.dll) 1ae0.10a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\AudioSes.dll 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1ae0.10a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'combase.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'. 1ae0.10a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\WinTypes.dll) 1ae0.10a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\WinTypes.dll 1ae0.10a8: supR3HardenedDllNotificationCallback: load 00007ffa5a1a0000 LB 0x00136000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0] 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\WinTypes.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedDllNotificationCallback: load 00007ffa4b380000 LB 0x00088000 C:\WINDOWS\system32\AUDIOSES.DLL [fFlags=0x0] 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa4b380000 'C:\WINDOWS\system32\AUDIOSES.DLL' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595f0000 'C:\WINDOWS\system32\wdmaud.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595f0000 'C:\WINDOWS\system32\wdmaud.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595f0000 'C:\WINDOWS\system32\wdmaud.drv' 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msacm32.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'user32.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmm.dll'. 1ae0.10a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\msacm32.drv) 1ae0.10a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.drv 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.10a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.dll) 1ae0.10a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.dll 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedDllNotificationCallback: load 00007ffa56a60000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0] 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedDllNotificationCallback: load 00007ffa595e0000 LB 0x0000c000 C:\WINDOWS\system32\msacm32.drv [fFlags=0x0] 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595e0000 'C:\WINDOWS\system32\msacm32.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595e0000 'C:\WINDOWS\system32\msacm32.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595e0000 'C:\WINDOWS\system32\msacm32.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595e0000 'C:\WINDOWS\system32\msacm32.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595e0000 'C:\WINDOWS\system32\msacm32.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595e0000 'C:\WINDOWS\system32\msacm32.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595e0000 'C:\WINDOWS\system32\msacm32.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595e0000 'C:\WINDOWS\system32\msacm32.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595e0000 'C:\WINDOWS\system32\msacm32.drv' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595e0000 'C:\WINDOWS\system32\msacm32.drv' 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1ae0.10a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'winmm.dll'. 1ae0.10a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\midimap.dll) 1ae0.10a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\midimap.dll 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1ae0.10a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1ae0.10a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedDllNotificationCallback: load 00007ffa595d0000 LB 0x0000a000 C:\WINDOWS\system32\midimap.dll [fFlags=0x0] 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595d0000 'C:\WINDOWS\system32\midimap.dll' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595d0000 'C:\WINDOWS\system32\midimap.dll' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595d0000 'C:\WINDOWS\system32\midimap.dll' 1ae0.10a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 1ae0.10a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa595d0000 'C:\WINDOWS\system32\midimap.dll' 1ae0.1280: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 1ae0.1280: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] 1ae0.1280: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa57a30000 'C:\WINDOWS\System32\MMDevApi.dll' 1598.16a4: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 62331 ms, the end);