27c0.5fc: Log file opened: 5.2.8r121009 g_hStartupLog=00000000000001b4 g_uNtVerCombined=0xa03fab00 27c0.5fc: \SystemRoot\System32\ntdll.dll: 27c0.5fc: CreationTime: 2018-02-16T15:54:21.665969200Z 27c0.5fc: LastWriteTime: 2018-02-10T06:15:34.902092600Z 27c0.5fc: ChangeTime: 2018-02-19T11:04:38.408972300Z 27c0.5fc: FileAttributes: 0x20 27c0.5fc: Size: 0x1dd100 27c0.5fc: NT Headers: 0xe0 27c0.5fc: Timestamp: 0xeffc9126 27c0.5fc: Machine: 0x8664 - amd64 27c0.5fc: Timestamp: 0xeffc9126 27c0.5fc: Image Version: 10.0 27c0.5fc: SizeOfImage: 0x1e0000 (1966080) 27c0.5fc: Resource Dir: 0x174000 LB 0x6a1d8 27c0.5fc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 27c0.5fc: [Raw version resource data: 0x1740f0 LB 0x380, codepage 0x0 (reserved 0x0)] 27c0.5fc: ProductName: Microsoft® Windows® Operating System 27c0.5fc: ProductVersion: 10.0.16299.248 27c0.5fc: FileVersion: 10.0.16299.248 (WinBuild.160101.0800) 27c0.5fc: FileDescription: NT Layer DLL 27c0.5fc: \SystemRoot\System32\kernel32.dll: 27c0.5fc: CreationTime: 2017-09-29T13:42:04.954227600Z 27c0.5fc: LastWriteTime: 2017-09-29T13:42:04.954227600Z 27c0.5fc: ChangeTime: 2017-11-22T16:33:08.352730100Z 27c0.5fc: FileAttributes: 0x20 27c0.5fc: Size: 0xab868 27c0.5fc: NT Headers: 0xe8 27c0.5fc: Timestamp: 0xc2cf900 27c0.5fc: Machine: 0x8664 - amd64 27c0.5fc: Timestamp: 0xc2cf900 27c0.5fc: Image Version: 10.0 27c0.5fc: SizeOfImage: 0xae000 (712704) 27c0.5fc: Resource Dir: 0xac000 LB 0x520 27c0.5fc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 27c0.5fc: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] 27c0.5fc: ProductName: Microsoft® Windows® Operating System 27c0.5fc: ProductVersion: 10.0.16299.15 27c0.5fc: FileVersion: 10.0.16299.15 (WinBuild.160101.0800) 27c0.5fc: FileDescription: Windows NT BASE API Client DLL 27c0.5fc: \SystemRoot\System32\KernelBase.dll: 27c0.5fc: CreationTime: 2018-02-16T15:53:30.525154600Z 27c0.5fc: LastWriteTime: 2018-02-10T06:15:53.408982400Z 27c0.5fc: ChangeTime: 2018-02-19T11:04:34.845920900Z 27c0.5fc: FileAttributes: 0x20 27c0.5fc: Size: 0x266000 27c0.5fc: NT Headers: 0xf0 27c0.5fc: Timestamp: 0x4414ec23 27c0.5fc: Machine: 0x8664 - amd64 27c0.5fc: Timestamp: 0x4414ec23 27c0.5fc: Image Version: 10.0 27c0.5fc: SizeOfImage: 0x266000 (2514944) 27c0.5fc: Resource Dir: 0x245000 LB 0x548 27c0.5fc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 27c0.5fc: [Raw version resource data: 0x2450b0 LB 0x3bc, codepage 0x0 (reserved 0x0)] 27c0.5fc: ProductName: Microsoft® Windows® Operating System 27c0.5fc: ProductVersion: 10.0.16299.248 27c0.5fc: FileVersion: 10.0.16299.248 (WinBuild.160101.0800) 27c0.5fc: FileDescription: Windows NT BASE API Client DLL 27c0.5fc: \SystemRoot\System32\apisetschema.dll: 27c0.5fc: CreationTime: 2017-09-29T13:42:07.095026600Z 27c0.5fc: LastWriteTime: 2017-09-29T13:42:07.095026600Z 27c0.5fc: ChangeTime: 2018-02-16T16:09:21.698420900Z 27c0.5fc: FileAttributes: 0x20 27c0.5fc: Size: 0x1b398 27c0.5fc: NT Headers: 0xc8 27c0.5fc: Timestamp: 0xf30abf31 27c0.5fc: Machine: 0x8664 - amd64 27c0.5fc: Timestamp: 0xf30abf31 27c0.5fc: Image Version: 10.0 27c0.5fc: SizeOfImage: 0x1c000 (114688) 27c0.5fc: Resource Dir: 0x1b000 LB 0x408 27c0.5fc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 27c0.5fc: [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)] 27c0.5fc: ProductName: Microsoft® Windows® Operating System 27c0.5fc: ProductVersion: 10.0.16299.15 27c0.5fc: FileVersion: 10.0.16299.15 (WinBuild.160101.0800) 27c0.5fc: FileDescription: ApiSet Schema DLL 27c0.5fc: NtOpenDirectoryObject failed on \Driver: 0xc0000022 27c0.5fc: supR3HardenedWinFindAdversaries: 0x1008 27c0.5fc: \SystemRoot\System32\drivers\tmcomm.sys: 27c0.5fc: CreationTime: 2017-01-02T13:11:18.436528800Z 27c0.5fc: LastWriteTime: 2016-09-29T09:27:10.000000000Z 27c0.5fc: ChangeTime: 2017-11-22T16:45:09.934551100Z 27c0.5fc: FileAttributes: 0x20 27c0.5fc: Size: 0x6a4e0 27c0.5fc: NT Headers: 0xf8 27c0.5fc: Timestamp: 0x57bba895 27c0.5fc: Machine: 0x8664 - amd64 27c0.5fc: Timestamp: 0x57bba895 27c0.5fc: Image Version: 10.0 27c0.5fc: SizeOfImage: 0x6c000 (442368) 27c0.5fc: Resource Dir: 0x6a000 LB 0x568 27c0.5fc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 27c0.5fc: [Raw version resource data: 0x6a060 LB 0x504, codepage 0x0 (reserved 0x0)] 27c0.5fc: ProductName: Trend Micro Eyes 27c0.5fc: ProductVersion: 7.0 27c0.5fc: FileVersion: 7.0.0.1101 27c0.5fc: SpecialBuild: 1101 27c0.5fc: PrivateBuild: Build 1101 - 8/23/2016 27c0.5fc: FileDescription: TrendMicro Common Module 27c0.5fc: \SystemRoot\System32\drivers\tmactmon.sys: 27c0.5fc: CreationTime: 2017-01-02T13:11:18.405539500Z 27c0.5fc: LastWriteTime: 2016-09-29T09:27:20.000000000Z 27c0.5fc: ChangeTime: 2017-11-22T16:45:09.934551100Z 27c0.5fc: FileAttributes: 0x20 27c0.5fc: Size: 0x1fad8 27c0.5fc: NT Headers: 0xe0 27c0.5fc: Timestamp: 0x57e8f5ac 27c0.5fc: Machine: 0x8664 - amd64 27c0.5fc: Timestamp: 0x57e8f5ac 27c0.5fc: Image Version: 6.0 27c0.5fc: SizeOfImage: 0x24000 (147456) 27c0.5fc: Resource Dir: 0x22000 LB 0x590 27c0.5fc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 27c0.5fc: [Raw version resource data: 0x22060 LB 0x52c, codepage 0x0 (reserved 0x0)] 27c0.5fc: ProductName: Trend Micro AEGIS 27c0.5fc: ProductVersion: 2.976 27c0.5fc: FileVersion: 2.976.0.1159 27c0.5fc: SpecialBuild: 1159 27c0.5fc: PrivateBuild: Build 1159 - 9/26/2016 27c0.5fc: FileDescription: TrendMicro Activity Monitor Module 27c0.5fc: \SystemRoot\System32\drivers\tmevtmgr.sys: 27c0.5fc: CreationTime: 2017-01-02T13:11:19.700647600Z 27c0.5fc: LastWriteTime: 2016-09-29T09:25:04.000000000Z 27c0.5fc: ChangeTime: 2017-11-22T16:45:09.934551100Z 27c0.5fc: FileAttributes: 0x20 27c0.5fc: Size: 0x166e0 27c0.5fc: NT Headers: 0xe0 27c0.5fc: Timestamp: 0x57e8f5aa 27c0.5fc: Machine: 0x8664 - amd64 27c0.5fc: Timestamp: 0x57e8f5aa 27c0.5fc: Image Version: 6.0 27c0.5fc: SizeOfImage: 0x17000 (94208) 27c0.5fc: Resource Dir: 0x15000 LB 0x590 27c0.5fc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 27c0.5fc: [Raw version resource data: 0x15060 LB 0x52c, codepage 0x0 (reserved 0x0)] 27c0.5fc: ProductName: Trend Micro AEGIS 27c0.5fc: ProductVersion: 2.976 27c0.5fc: FileVersion: 2.976.0.1159 27c0.5fc: SpecialBuild: 1159 27c0.5fc: PrivateBuild: Build 1159 - 9/26/2016 27c0.5fc: FileDescription: TrendMicro Event Management Module 27c0.5fc: \SystemRoot\System32\drivers\tmeevw.sys: 27c0.5fc: CreationTime: 2017-01-02T13:11:18.508537100Z 27c0.5fc: LastWriteTime: 2016-07-15T04:48:26.000000000Z 27c0.5fc: ChangeTime: 2017-11-22T16:45:09.934551100Z 27c0.5fc: FileAttributes: 0x20 27c0.5fc: Size: 0x22ee0 27c0.5fc: NT Headers: 0xf8 27c0.5fc: Timestamp: 0x578312e1 27c0.5fc: Machine: 0x8664 - amd64 27c0.5fc: Timestamp: 0x578312e1 27c0.5fc: Image Version: 10.0 27c0.5fc: SizeOfImage: 0x23000 (143360) 27c0.5fc: Resource Dir: 0x1d000 LB 0x4e00 27c0.5fc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 27c0.5fc: [Raw version resource data: 0x2190c LB 0x4f4, codepage 0x4e4 (reserved 0x0)] 27c0.5fc: ProductName: Trend Micro EagleEye 27c0.5fc: ProductVersion: 3.0 27c0.5fc: FileVersion: 3.0.0.1002 27c0.5fc: SpecialBuild: 1002 27c0.5fc: PrivateBuild: Build 1002 - 7/11/2016 27c0.5fc: FileDescription: Trend Micro EagleEye Driver (VW) (amd64-fre) 27c0.5fc: \SystemRoot\System32\drivers\vsdatant.sys: 27c0.5fc: CreationTime: 2017-11-24T14:29:12.000000000Z 27c0.5fc: LastWriteTime: 2017-11-24T14:29:12.000000000Z 27c0.5fc: ChangeTime: 2018-02-21T17:29:38.232739500Z 27c0.5fc: FileAttributes: 0x20 27c0.5fc: Size: 0x75430 27c0.5fc: NT Headers: 0xf8 27c0.5fc: Timestamp: 0x5a153960 27c0.5fc: Machine: 0x8664 - amd64 27c0.5fc: Timestamp: 0x5a153960 27c0.5fc: Image Version: 6.1 27c0.5fc: SizeOfImage: 0x9a000 (630784) 27c0.5fc: Resource Dir: 0x98000 LB 0x3d8 27c0.5fc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 27c0.5fc: [Raw version resource data: 0x98060 LB 0x374, codepage 0x0 (reserved 0x0)] 27c0.5fc: ProductName: End Point Security 27c0.5fc: ProductVersion: E80.64 27c0.5fc: FileVersion: 926000784 27c0.5fc: FileDescription: ZoneAlarm Firewalling Driver 27c0.5fc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox' 27c0.5fc: Calling main() 27c0.5fc: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 27c0.5fc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox' 27c0.5fc: SUPR3HardenedMain: Respawn #1 27c0.5fc: System32: \Device\HarddiskVolume2\Windows\System32 27c0.5fc: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS 27c0.5fc: KnownDllPath: C:\WINDOWS\System32 27c0.5fc: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 27c0.5fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe) 27c0.5fc: supR3HardNtEnableThreadCreation: 27c0.5fc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fff207991e0 pvNtTerminateThread=00007fff207c08d0 27c0.5fc: supR3HardenedWinDoReSpawn(1): New child 1c24.2180 [kernel32]. 27c0.5fc: supR3HardNtChildGatherData: PebBaseAddress=000000000104f000 cbPeb=0x388 27c0.5fc: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007fff20720000 uNtDllChildAddr=00007fff20720000 27c0.5fc: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007fff207991e0 27c0.5fc: supR3HardenedWinSetupChildInit: Start child. 27c0.5fc: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms. 27c0.5fc: supR3HardNtChildPurify: Startup delay kludge #1/0: 513 ms, 53 sleeps 27c0.5fc: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 27c0.5fc: *0000000000000000-0000000000fdffff 0x0001/0x0000 0x0000000 27c0.5fc: *0000000000fe0000-0000000000ffffff 0x0004/0x0004 0x0020000 27c0.5fc: *0000000001000000-000000000104efff 0x0000/0x0004 0x0020000 27c0.5fc: 000000000104f000-0000000001051fff 0x0004/0x0004 0x0020000 27c0.5fc: 0000000001052000-00000000011fffff 0x0000/0x0004 0x0020000 27c0.5fc: *0000000001200000-0000000001218fff 0x0002/0x0002 0x0040000 27c0.5fc: 0000000001219000-000000000121ffff 0x0001/0x0000 0x0000000 27c0.5fc: *0000000001220000-000000000131afff 0x0000/0x0004 0x0020000 27c0.5fc: 000000000131b000-000000000131dfff 0x0104/0x0004 0x0020000 27c0.5fc: 000000000131e000-000000000131ffff 0x0004/0x0004 0x0020000 27c0.5fc: *0000000001320000-0000000001323fff 0x0002/0x0002 0x0040000 27c0.5fc: 0000000001324000-000000000132ffff 0x0001/0x0000 0x0000000 27c0.5fc: *0000000001330000-0000000001330fff 0x0004/0x0004 0x0020000 27c0.5fc: 0000000001331000-000000007ffdffff 0x0001/0x0000 0x0000000 27c0.5fc: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 27c0.5fc: *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000 27c0.5fc: 000000007fff0000-00007ff77510ffff 0x0001/0x0000 0x0000000 27c0.5fc: *00007ff775110000-00007ff775132fff 0x0002/0x0002 0x0040000 27c0.5fc: 00007ff775133000-00007ff7751bffff 0x0001/0x0000 0x0000000 27c0.5fc: *00007ff7751c0000-00007ff7751c0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 27c0.5fc: 00007ff7751c1000-00007ff775231fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 27c0.5fc: 00007ff775232000-00007ff775232fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 27c0.5fc: 00007ff775233000-00007ff775278fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 27c0.5fc: 00007ff775279000-00007ff775279fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 27c0.5fc: 00007ff77527a000-00007ff77527afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 27c0.5fc: 00007ff77527b000-00007ff77527ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 27c0.5fc: 00007ff775280000-00007ff775280fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 27c0.5fc: 00007ff775281000-00007ff775281fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 27c0.5fc: 00007ff775282000-00007ff775285fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 27c0.5fc: 00007ff775286000-00007ff7752cdfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 27c0.5fc: 00007ff7752ce000-00007fff2071ffff 0x0001/0x0000 0x0000000 27c0.5fc: *00007fff20720000-00007fff20720fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 27c0.5fc: 00007fff20721000-00007fff20832fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 27c0.5fc: 00007fff20833000-00007fff20878fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 27c0.5fc: 00007fff20879000-00007fff20880fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 27c0.5fc: 00007fff20881000-00007fff2088efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 27c0.5fc: 00007fff2088f000-00007fff2088ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 27c0.5fc: 00007fff20890000-00007fff20892fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 27c0.5fc: 00007fff20893000-00007fff208fffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 27c0.5fc: 00007fff20900000-00007ffffffdffff 0x0001/0x0000 0x0000000 27c0.5fc: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000 27c0.5fc: VirtualBox.exe: timestamp 0x5a942b95 (rc=VINF_SUCCESS) 27c0.5fc: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 27c0.5fc: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports 27c0.5fc: supR3HardNtChildPurify: Done after 561 ms and 0 fixes (loop #0). 27c0.5fc: supR3HardNtEnableThreadCreation: 1c24.2180: Log file opened: 5.2.8r121009 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa03fab00 1c24.2180: supR3HardenedVmProcessInit: uNtDllAddr=00007fff20720000 g_uNtVerCombined=0xa03fab00 1c24.2180: ntdll.dll: timestamp 0xeffc9126 (rc=VINF_SUCCESS) 1c24.2180: New simple heap: #1 0000000001440000 LB 0x400000 (for 1966080 allocation) 1c24.2180: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox' 1c24.2180: System32: \Device\HarddiskVolume2\Windows\System32 1c24.2180: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS 1c24.2180: KnownDllPath: C:\WINDOWS\System32 1c24.2180: supR3HardenedVmProcessInit: Opening vboxdrv stub... 1c24.2180: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk... 1c24.2180: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk... 1c24.2180: Registered Dll notification callback with NTDLL. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001: [calling] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1d980000 LB 0x00266000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0] 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1f0e0000 LB 0x000ae000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f0e0000 'C:\WINDOWS\System32\KERNEL32.DLL' 1c24.2180: supR3HardenedDllNotificationCallback: load 00007ff7751c0000 LB 0x0010e000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0] 1c24.2180: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'dnsapi.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\QIPCAP64.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\QIPCAP64.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dnsapi.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'dnsapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dnsapi.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'ws2_32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'nsi.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dnsapi.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dnsapi.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #73 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #75 'gdi32.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume2\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sechost.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\user32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008] 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nsi.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 1c24.2180: '\Device\HarddiskVolume2\Windows\System32\win32u.dll' has no imports 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\win32u.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\win32u.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\QIPCAP64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\QIPCAP64.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dnsapi.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff20210000 LB 0x0009d000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1f250000 LB 0x0011f000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff20310000 LB 0x0005b000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1f030000 LB 0x000a1000 C:\WINDOWS\System32\ADVAPI32.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1cba0000 LB 0x000f6000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0] 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ucrtbase.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ucrtbase.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1d490000 LB 0x0004a000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0] 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1d4e0000 LB 0x00072000 C:\WINDOWS\System32\bcryptPrimitives.dll [fFlags=0x0] 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1f440000 LB 0x00308000 C:\WINDOWS\System32\combase.dll [fFlags=0x0] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'bcryptprimitives.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\combase.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\combase.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1f7c0000 LB 0x000a6000 C:\WINDOWS\System32\shcore.dll [fFlags=0x0] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'rpcrt4.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'combase.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\SHCore.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\SHCore.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1d3f0000 LB 0x0009b000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0] 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1cb20000 LB 0x00020000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff20560000 LB 0x0018f000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1d730000 LB 0x00193000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\gdi32full.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32full.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1fb90000 LB 0x00028000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1f370000 LB 0x00051000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'gdi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'user32.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1ca90000 LB 0x00011000 C:\WINDOWS\System32\kernel.appcore.dll [fFlags=0x0] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1cad0000 LB 0x0004c000 C:\WINDOWS\System32\powrprof.dll [fFlags=0x0] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\powrprof.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\powrprof.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1cab0000 LB 0x0001b000 C:\WINDOWS\System32\profapi.dll [fFlags=0x0] 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\profapi.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1cca0000 LB 0x00747000 C:\WINDOWS\System32\windows.storage.dll [fFlags=0x0] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #55 'combase.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #75 'profapi.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\windows.storage.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\windows.storage.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1dbf0000 LB 0x01436000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1f750000 LB 0x0006c000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1f870000 LB 0x00008000 C:\WINDOWS\System32\NSI.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1c0d0000 LB 0x000b6000 C:\WINDOWS\SYSTEM32\DNSAPI.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dnsapi.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 0000000068000000 LB 0x00056000 C:\WINDOWS\System32\QIPCAP64.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\QIPCAP64.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1d980000 'api-ms-win-core-synch-l1-2-0' 1c24.2180: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1d980000 'api-ms-win-core-fibers-l1-1-1' 1c24.2180: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1d980000 'api-ms-win-core-fibers-l1-1-1' 1c24.2180: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1d980000 'api-ms-win-core-synch-l1-2-0' 1c24.2180: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1d980000 'api-ms-win-core-localization-l1-2-1' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f0e0000 'C:\WINDOWS\System32\kernel32.dll' 1c24.2180: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1d980000 'api-ms-win-core-string-l1-1-0' 1c24.2180: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1d980000 'api-ms-win-core-datetime-l1-1-1' 1c24.2180: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1d980000 'api-ms-win-core-localization-obsolete-l1-2-0' 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'win32u.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\imm32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff201e0000 LB 0x0002d000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff201e0000 'C:\WINDOWS\system32\IMM32.DLL' 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1c090000 LB 0x00039000 C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000068000000 'C:\WINDOWS\System32\QIPCAP64.dll' 1c24.2180: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fff207991e0 pvNtTerminateThread=00007fff207c08d0 27c0.5fc: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 896 ms. 1c24.2180: \SystemRoot\System32\ntdll.dll: 1c24.2180: CreationTime: 2018-02-16T15:54:21.665969200Z 1c24.2180: LastWriteTime: 2018-02-10T06:15:34.902092600Z 1c24.2180: ChangeTime: 2018-02-19T11:04:38.408972300Z 1c24.2180: FileAttributes: 0x20 1c24.2180: Size: 0x1dd100 1c24.2180: NT Headers: 0xe0 1c24.2180: Timestamp: 0xeffc9126 1c24.2180: Machine: 0x8664 - amd64 1c24.2180: Timestamp: 0xeffc9126 1c24.2180: Image Version: 10.0 1c24.2180: SizeOfImage: 0x1e0000 (1966080) 1c24.2180: Resource Dir: 0x174000 LB 0x6a1d8 1c24.2180: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 1c24.2180: [Raw version resource data: 0x1740f0 LB 0x380, codepage 0x0 (reserved 0x0)] 1c24.2180: ProductName: Microsoft® Windows® Operating System 1c24.2180: ProductVersion: 10.0.16299.248 1c24.2180: FileVersion: 10.0.16299.248 (WinBuild.160101.0800) 1c24.2180: FileDescription: NT Layer DLL 1c24.2180: \SystemRoot\System32\kernel32.dll: 1c24.2180: CreationTime: 2017-09-29T13:42:04.954227600Z 1c24.2180: LastWriteTime: 2017-09-29T13:42:04.954227600Z 1c24.2180: ChangeTime: 2017-11-22T16:33:08.352730100Z 1c24.2180: FileAttributes: 0x20 1c24.2180: Size: 0xab868 1c24.2180: NT Headers: 0xe8 1c24.2180: Timestamp: 0xc2cf900 1c24.2180: Machine: 0x8664 - amd64 1c24.2180: Timestamp: 0xc2cf900 1c24.2180: Image Version: 10.0 1c24.2180: SizeOfImage: 0xae000 (712704) 1c24.2180: Resource Dir: 0xac000 LB 0x520 1c24.2180: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 1c24.2180: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] 1c24.2180: ProductName: Microsoft® Windows® Operating System 1c24.2180: ProductVersion: 10.0.16299.15 1c24.2180: FileVersion: 10.0.16299.15 (WinBuild.160101.0800) 1c24.2180: FileDescription: Windows NT BASE API Client DLL 1c24.2180: \SystemRoot\System32\KernelBase.dll: 1c24.2180: CreationTime: 2018-02-16T15:53:30.525154600Z 1c24.2180: LastWriteTime: 2018-02-10T06:15:53.408982400Z 1c24.2180: ChangeTime: 2018-02-19T11:04:34.845920900Z 1c24.2180: FileAttributes: 0x20 1c24.2180: Size: 0x266000 1c24.2180: NT Headers: 0xf0 1c24.2180: Timestamp: 0x4414ec23 1c24.2180: Machine: 0x8664 - amd64 1c24.2180: Timestamp: 0x4414ec23 1c24.2180: Image Version: 10.0 1c24.2180: SizeOfImage: 0x266000 (2514944) 1c24.2180: Resource Dir: 0x245000 LB 0x548 1c24.2180: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 1c24.2180: [Raw version resource data: 0x2450b0 LB 0x3bc, codepage 0x0 (reserved 0x0)] 1c24.2180: ProductName: Microsoft® Windows® Operating System 1c24.2180: ProductVersion: 10.0.16299.248 1c24.2180: FileVersion: 10.0.16299.248 (WinBuild.160101.0800) 1c24.2180: FileDescription: Windows NT BASE API Client DLL 1c24.2180: \SystemRoot\System32\apisetschema.dll: 1c24.2180: CreationTime: 2017-09-29T13:42:07.095026600Z 1c24.2180: LastWriteTime: 2017-09-29T13:42:07.095026600Z 1c24.2180: ChangeTime: 2018-02-16T16:09:21.698420900Z 1c24.2180: FileAttributes: 0x20 1c24.2180: Size: 0x1b398 1c24.2180: NT Headers: 0xc8 1c24.2180: Timestamp: 0xf30abf31 1c24.2180: Machine: 0x8664 - amd64 1c24.2180: Timestamp: 0xf30abf31 1c24.2180: Image Version: 10.0 1c24.2180: SizeOfImage: 0x1c000 (114688) 1c24.2180: Resource Dir: 0x1b000 LB 0x408 1c24.2180: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 1c24.2180: [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)] 1c24.2180: ProductName: Microsoft® Windows® Operating System 1c24.2180: ProductVersion: 10.0.16299.15 1c24.2180: FileVersion: 10.0.16299.15 (WinBuild.160101.0800) 1c24.2180: FileDescription: ApiSet Schema DLL 1c24.2180: NtOpenDirectoryObject failed on \Driver: 0xc0000022 1c24.2180: supR3HardenedWinFindAdversaries: 0x1008 1c24.2180: \SystemRoot\System32\drivers\tmcomm.sys: 1c24.2180: CreationTime: 2017-01-02T13:11:18.436528800Z 1c24.2180: LastWriteTime: 2016-09-29T09:27:10.000000000Z 1c24.2180: ChangeTime: 2017-11-22T16:45:09.934551100Z 1c24.2180: FileAttributes: 0x20 1c24.2180: Size: 0x6a4e0 1c24.2180: NT Headers: 0xf8 1c24.2180: Timestamp: 0x57bba895 1c24.2180: Machine: 0x8664 - amd64 1c24.2180: Timestamp: 0x57bba895 1c24.2180: Image Version: 10.0 1c24.2180: SizeOfImage: 0x6c000 (442368) 1c24.2180: Resource Dir: 0x6a000 LB 0x568 1c24.2180: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 1c24.2180: [Raw version resource data: 0x6a060 LB 0x504, codepage 0x0 (reserved 0x0)] 1c24.2180: ProductName: Trend Micro Eyes 1c24.2180: ProductVersion: 7.0 1c24.2180: FileVersion: 7.0.0.1101 1c24.2180: SpecialBuild: 1101 1c24.2180: PrivateBuild: Build 1101 - 8/23/2016 1c24.2180: FileDescription: TrendMicro Common Module 1c24.2180: \SystemRoot\System32\drivers\tmactmon.sys: 1c24.2180: CreationTime: 2017-01-02T13:11:18.405539500Z 1c24.2180: LastWriteTime: 2016-09-29T09:27:20.000000000Z 1c24.2180: ChangeTime: 2017-11-22T16:45:09.934551100Z 1c24.2180: FileAttributes: 0x20 1c24.2180: Size: 0x1fad8 1c24.2180: NT Headers: 0xe0 1c24.2180: Timestamp: 0x57e8f5ac 1c24.2180: Machine: 0x8664 - amd64 1c24.2180: Timestamp: 0x57e8f5ac 1c24.2180: Image Version: 6.0 1c24.2180: SizeOfImage: 0x24000 (147456) 1c24.2180: Resource Dir: 0x22000 LB 0x590 1c24.2180: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 1c24.2180: [Raw version resource data: 0x22060 LB 0x52c, codepage 0x0 (reserved 0x0)] 1c24.2180: ProductName: Trend Micro AEGIS 1c24.2180: ProductVersion: 2.976 1c24.2180: FileVersion: 2.976.0.1159 1c24.2180: SpecialBuild: 1159 1c24.2180: PrivateBuild: Build 1159 - 9/26/2016 1c24.2180: FileDescription: TrendMicro Activity Monitor Module 1c24.2180: \SystemRoot\System32\drivers\tmevtmgr.sys: 1c24.2180: CreationTime: 2017-01-02T13:11:19.700647600Z 1c24.2180: LastWriteTime: 2016-09-29T09:25:04.000000000Z 1c24.2180: ChangeTime: 2017-11-22T16:45:09.934551100Z 1c24.2180: FileAttributes: 0x20 1c24.2180: Size: 0x166e0 1c24.2180: NT Headers: 0xe0 1c24.2180: Timestamp: 0x57e8f5aa 1c24.2180: Machine: 0x8664 - amd64 1c24.2180: Timestamp: 0x57e8f5aa 1c24.2180: Image Version: 6.0 1c24.2180: SizeOfImage: 0x17000 (94208) 1c24.2180: Resource Dir: 0x15000 LB 0x590 1c24.2180: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 1c24.2180: [Raw version resource data: 0x15060 LB 0x52c, codepage 0x0 (reserved 0x0)] 1c24.2180: ProductName: Trend Micro AEGIS 1c24.2180: ProductVersion: 2.976 1c24.2180: FileVersion: 2.976.0.1159 1c24.2180: SpecialBuild: 1159 1c24.2180: PrivateBuild: Build 1159 - 9/26/2016 1c24.2180: FileDescription: TrendMicro Event Management Module 1c24.2180: \SystemRoot\System32\drivers\tmeevw.sys: 1c24.2180: CreationTime: 2017-01-02T13:11:18.508537100Z 1c24.2180: LastWriteTime: 2016-07-15T04:48:26.000000000Z 1c24.2180: ChangeTime: 2017-11-22T16:45:09.934551100Z 1c24.2180: FileAttributes: 0x20 1c24.2180: Size: 0x22ee0 1c24.2180: NT Headers: 0xf8 1c24.2180: Timestamp: 0x578312e1 1c24.2180: Machine: 0x8664 - amd64 1c24.2180: Timestamp: 0x578312e1 1c24.2180: Image Version: 10.0 1c24.2180: SizeOfImage: 0x23000 (143360) 1c24.2180: Resource Dir: 0x1d000 LB 0x4e00 1c24.2180: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 1c24.2180: [Raw version resource data: 0x2190c LB 0x4f4, codepage 0x4e4 (reserved 0x0)] 1c24.2180: ProductName: Trend Micro EagleEye 1c24.2180: ProductVersion: 3.0 1c24.2180: FileVersion: 3.0.0.1002 1c24.2180: SpecialBuild: 1002 1c24.2180: PrivateBuild: Build 1002 - 7/11/2016 1c24.2180: FileDescription: Trend Micro EagleEye Driver (VW) (amd64-fre) 1c24.2180: \SystemRoot\System32\drivers\vsdatant.sys: 1c24.2180: CreationTime: 2017-11-24T14:29:12.000000000Z 1c24.2180: LastWriteTime: 2017-11-24T14:29:12.000000000Z 1c24.2180: ChangeTime: 2018-02-21T17:29:38.232739500Z 1c24.2180: FileAttributes: 0x20 1c24.2180: Size: 0x75430 1c24.2180: NT Headers: 0xf8 1c24.2180: Timestamp: 0x5a153960 1c24.2180: Machine: 0x8664 - amd64 1c24.2180: Timestamp: 0x5a153960 1c24.2180: Image Version: 6.1 1c24.2180: SizeOfImage: 0x9a000 (630784) 1c24.2180: Resource Dir: 0x98000 LB 0x3d8 1c24.2180: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 1c24.2180: [Raw version resource data: 0x98060 LB 0x374, codepage 0x0 (reserved 0x0)] 1c24.2180: ProductName: End Point Security 1c24.2180: ProductVersion: E80.64 1c24.2180: FileVersion: 926000784 1c24.2180: FileDescription: ZoneAlarm Firewalling Driver 1c24.2180: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox' 1c24.2180: Calling main() 1c24.2180: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 1c24.2180: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox' 1c24.2180: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe) 1c24.2180: SUPR3HardenedMain: Respawn #2 1c24.2180: Error (rc=-5640): 1c24.2180: More than one thread in process 1c24.2180: Error -5640 in supR3HardenedWinReSpawn! (enmWhat=1) 1c24.2180: More than one thread in process 1c24.2180: supR3HardNtEnableThreadCreation: 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'gdi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #48 'combase.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ole32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\glu32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008] 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\mpr.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\mpr.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'shlwapi.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'comctl32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'shell32.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'iphlpapi.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'bcrypt.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\winspool.drv) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmmbase.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmmbase.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll' [rcNtRedir=0x0] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01: [calling] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mpr.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.248_none_8879e63c4abacc42\comctl32.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.248_none_8879e63c4abacc42\comctl32.dll 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff10210000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007ffefc010000 LB 0x0011e000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00000000553d0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 0000000056370000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007ffeb72d0000 LB 0x00590000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff20010000 LB 0x00149000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff05f50000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mpr.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 0000000054320000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007ffeb6cd0000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 0000000054890000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1c5d0000 LB 0x00025000 C:\WINDOWS\SYSTEM32\bcrypt.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff17460000 LB 0x00086000 C:\WINDOWS\SYSTEM32\WINSPOOL.DRV [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007ffefd310000 LB 0x000a6000 C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.248_none_8879e63c4abacc42\COMCTL32.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.248_none_8879e63c4abacc42\comctl32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 0000000005590000 LB 0x0010a000 C:\WINDOWS\System32\COMDLG32.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007ffee1fe0000 LB 0x00051000 C:\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 0000000055370000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff20370000 LB 0x000c5000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1a950000 LB 0x0002a000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1a980000 LB 0x00023000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007ffeb5e00000 LB 0x00a06000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb72d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff201e0000 'C:\WINDOWS\System32\imm32.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f030000 'C:\WINDOWS\System32\ADVAPI32.DLL' 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1c4e0000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb5e00000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f0e0000 'C:\WINDOWS\System32\kernel32.dll' 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007ffed9cc0000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed9cc0000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll' 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1ad10000 LB 0x00095000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1ad10000 'C:\WINDOWS\system32\uxtheme.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20560000 'C:\WINDOWS\system32\user32.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1dbf0000 'C:\WINDOWS\system32\shell32.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\SHCore.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f7c0000 'C:\WINDOWS\system32\SHCore.dll' 1c24.2180: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 126 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\wintab32.dll' 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'win32u.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1afa0000 LB 0x0002a000 C:\WINDOWS\system32\dwmapi.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1a980000 'C:\WINDOWS\system32\winmm.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1a980000 'C:\WINDOWS\system32\winmm.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1dbf0000 'C:\WINDOWS\system32\shell32.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1ad10000 'C:\WINDOWS\system32\uxtheme.dll' 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\gdi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fb90000 'C:\WINDOWS\system32\gdi32.dll' 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1f880000 LB 0x00167000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'oleaut32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'user32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'imm32.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msctf.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f250000 'C:\WINDOWS\System32\rpcrt4.dll' 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1f1b0000 LB 0x0009e000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'combase.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'd3d11.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'dcomp.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\DataExchange.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\DataExchange.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume2\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dcomp.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dcomp.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume2\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'dxgi.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'win32u.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\d3d11.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\d3d11.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume2\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\SHCore.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dxgi.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dxgi.dll 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\DataExchange.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\d3d11.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dcomp.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dxgi.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1b910000 LB 0x000af000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dxgi.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff199b0000 LB 0x002e2000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\d3d11.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1a340000 LB 0x00142000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dcomp.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007ffefb9a0000 LB 0x0004f000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\DataExchange.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fb90000 'C:\WINDOWS\System32\gdi32.dll' 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb9a0000 'C:\WINDOWS\system32\dataexchange.dll' 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rmclient.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcrypt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'combase.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\twinapi.appcore.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\twinapi.appcore.dll 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rmclient.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rmclient.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1af80000 LB 0x00020000 C:\WINDOWS\system32\RMCLIENT.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rmclient.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1ae00000 LB 0x0017b000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\twinapi.appcore.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rmclient.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'rmclient.dll' -> '\Device\HarddiskVolume2\Windows\System32\rmclient.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rmclient.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 1c24.2180: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 1c24.2180: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 1c24.2180: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f880000 'C:\WINDOWS\System32\MSCTF.dll' 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'coreuicomponents.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'coremessaging.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\TextInputFramework.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\TextInputFramework.dll 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #48 'shcore.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\CoreUIComponents.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\CoreUIComponents.dll 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\CoreMessaging.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\CoreMessaging.dll 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntmarta.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntmarta.dll 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'. 1c24.2180: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'bcryptprimitives.dll'. 1c24.2180: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\WinTypes.dll) 1c24.2180: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\WinTypes.dll 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1bb30000 LB 0x00031000 C:\WINDOWS\SYSTEM32\ntmarta.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntmarta.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff1a260000 LB 0x000dc000 C:\WINDOWS\System32\CoreMessaging.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff17e50000 LB 0x00136000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\WinTypes.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff17ff0000 LB 0x002ee000 C:\WINDOWS\System32\CoreUIComponents.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust] 1c24.2180: supR3HardenedDllNotificationCallback: load 00007fff169b0000 LB 0x00098000 C:\WINDOWS\System32\TextInputFramework.dll [fFlags=0x0] 1c24.2180: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\TextInputFramework.dll [lacks WinVerifyTrust]