2d88.4da0: Log file opened: 6.1.18r142142 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa04a6200 2d88.4da0: \SystemRoot\System32\ntdll.dll: 2d88.4da0: CreationTime: 2021-02-10T08:58:42.901506300Z 2d88.4da0: LastWriteTime: 2021-02-10T08:58:42.938596800Z 2d88.4da0: ChangeTime: 2021-02-10T09:05:05.536104000Z 2d88.4da0: FileAttributes: 0x20 2d88.4da0: Size: 0x1ee738 2d88.4da0: NT Headers: 0xe8 2d88.4da0: Timestamp: 0x4544b4a1 2d88.4da0: Machine: 0x8664 - amd64 2d88.4da0: Timestamp: 0x4544b4a1 2d88.4da0: Image Version: 10.0 2d88.4da0: SizeOfImage: 0x1f6000 (2056192) 2d88.4da0: Resource Dir: 0x185000 LB 0x6fd28 2d88.4da0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 2d88.4da0: [Raw version resource data: 0x1850f0 LB 0x380, codepage 0x0 (reserved 0x0)] 2d88.4da0: ProductName: Microsoft® Windows® Operating System 2d88.4da0: ProductVersion: 10.0.19041.804 2d88.4da0: FileVersion: 10.0.19041.804 (WinBuild.160101.0800) 2d88.4da0: FileDescription: NT Layer DLL 2d88.4da0: \SystemRoot\System32\kernel32.dll: 2d88.4da0: CreationTime: 2021-02-10T08:58:25.426714300Z 2d88.4da0: LastWriteTime: 2021-02-10T08:58:25.442671300Z 2d88.4da0: ChangeTime: 2021-02-10T09:04:58.116182100Z 2d88.4da0: FileAttributes: 0x20 2d88.4da0: Size: 0xbac30 2d88.4da0: NT Headers: 0xe8 2d88.4da0: Timestamp: 0xd714134a 2d88.4da0: Machine: 0x8664 - amd64 2d88.4da0: Timestamp: 0xd714134a 2d88.4da0: Image Version: 10.0 2d88.4da0: SizeOfImage: 0xbd000 (774144) 2d88.4da0: Resource Dir: 0xbb000 LB 0x520 2d88.4da0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 2d88.4da0: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] 2d88.4da0: ProductName: Microsoft® Windows® Operating System 2d88.4da0: ProductVersion: 10.0.19041.804 2d88.4da0: FileVersion: 10.0.19041.804 (WinBuild.160101.0800) 2d88.4da0: FileDescription: Windows NT BASE API Client DLL 2d88.4da0: \SystemRoot\System32\KernelBase.dll: 2d88.4da0: CreationTime: 2021-02-10T08:58:43.707640700Z 2d88.4da0: LastWriteTime: 2021-02-10T08:58:43.772474700Z 2d88.4da0: ChangeTime: 2021-02-10T09:05:03.762498300Z 2d88.4da0: FileAttributes: 0x20 2d88.4da0: Size: 0x2c9798 2d88.4da0: NT Headers: 0xf0 2d88.4da0: Timestamp: 0xe9c5eae 2d88.4da0: Machine: 0x8664 - amd64 2d88.4da0: Timestamp: 0xe9c5eae 2d88.4da0: Image Version: 10.0 2d88.4da0: SizeOfImage: 0x2c9000 (2920448) 2d88.4da0: Resource Dir: 0x2a0000 LB 0x548 2d88.4da0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 2d88.4da0: [Raw version resource data: 0x2a00b0 LB 0x3bc, codepage 0x0 (reserved 0x0)] 2d88.4da0: ProductName: Microsoft® Windows® Operating System 2d88.4da0: ProductVersion: 10.0.19041.804 2d88.4da0: FileVersion: 10.0.19041.804 (WinBuild.160101.0800) 2d88.4da0: FileDescription: Windows NT BASE API Client DLL 2d88.4da0: \SystemRoot\System32\apisetschema.dll: 2d88.4da0: CreationTime: 2019-12-07T09:08:13.518339400Z 2d88.4da0: LastWriteTime: 2019-12-07T09:08:13.518339400Z 2d88.4da0: ChangeTime: 2021-02-10T08:59:44.500161100Z 2d88.4da0: FileAttributes: 0x20 2d88.4da0: Size: 0x1f538 2d88.4da0: NT Headers: 0xd0 2d88.4da0: Timestamp: 0x31288ce0 2d88.4da0: Machine: 0x8664 - amd64 2d88.4da0: Timestamp: 0x31288ce0 2d88.4da0: Image Version: 10.0 2d88.4da0: SizeOfImage: 0x20000 (131072) 2d88.4da0: Resource Dir: 0x1f000 LB 0x408 2d88.4da0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 2d88.4da0: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)] 2d88.4da0: ProductName: Microsoft® Windows® Operating System 2d88.4da0: ProductVersion: 10.0.19041.1 2d88.4da0: FileVersion: 10.0.19041.1 (WinBuild.160101.0800) 2d88.4da0: FileDescription: ApiSet Schema DLL 2d88.4da0: NtOpenDirectoryObject failed on \Driver: 0xc0000022 2d88.4da0: supR3HardenedWinFindAdversaries: 0x0 2d88.4da0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' 2d88.4da0: Calling main() 2d88.4da0: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2 2d88.4da0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' 2d88.4da0: SUPR3HardenedMain: Respawn #1 2d88.4da0: System32: \Device\HarddiskVolume3\Windows\System32 2d88.4da0: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS 2d88.4da0: KnownDllPath: C:\WINDOWS\System32 2d88.4da0: supR3HardenedWinInit: Performing a limited self purification... 2d88.4da0: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION 2d88.4da0: *0000000000000000-000000000004ffff 0x0001/0x0000 0x0000000 2d88.4da0: *0000000000050000-000000000005ffff 0x0004/0x0004 0x0040000 2d88.4da0: *0000000000060000-0000000000060fff 0x0002/0x0002 0x0040000 2d88.4da0: 0000000000061000-000000000006ffff 0x0001/0x0000 0x0000000 2d88.4da0: *0000000000070000-000000000008cfff 0x0002/0x0002 0x0040000 2d88.4da0: 000000000008d000-000000000008ffff 0x0001/0x0000 0x0000000 2d88.4da0: *0000000000090000-0000000000148fff 0x0000/0x0004 0x0020000 2d88.4da0: 0000000000149000-000000000014bfff 0x0104/0x0004 0x0020000 2d88.4da0: 000000000014c000-000000000018ffff 0x0004/0x0004 0x0020000 2d88.4da0: *0000000000190000-0000000000193fff 0x0002/0x0002 0x0040000 2d88.4da0: 0000000000194000-000000000019ffff 0x0001/0x0000 0x0000000 2d88.4da0: *00000000001a0000-00000000001a1fff 0x0004/0x0004 0x0020000 2d88.4da0: 00000000001a2000-00000000001affff 0x0001/0x0000 0x0000000 2d88.4da0: *00000000001b0000-00000000001b0fff 0x0002/0x0002 0x0040000 2d88.4da0: 00000000001b1000-00000000001bffff 0x0001/0x0000 0x0000000 2d88.4da0: *00000000001c0000-00000000001c0fff 0x0004/0x0004 0x0020000 2d88.4da0: 00000000001c1000-00000000001cffff 0x0001/0x0000 0x0000000 2d88.4da0: *00000000001d0000-00000000001d0fff 0x0002/0x0004 0x0020000 2d88.4da0: 00000000001d1000-00000000001d1fff 0x0020/0x0004 0x0020000 !! 2d88.4da0: 00000000001d2000-00000000001dffff 0x0001/0x0000 0x0000000 2d88.4da0: *00000000001e0000-00000000001e0fff 0x0002/0x0004 0x0020000 2d88.4da0: 00000000001e1000-00000000001e1fff 0x0020/0x0004 0x0020000 !! 2d88.4da0: 00000000001e2000-00000000001effff 0x0001/0x0000 0x0000000 2d88.4da0: *00000000001f0000-00000000001f0fff 0x0004/0x0004 0x0020000 2d88.4da0: 00000000001f1000-00000000001fffff 0x0001/0x0000 0x0000000 2d88.4da0: *0000000000200000-0000000000245fff 0x0000/0x0004 0x0020000 2d88.4da0: 0000000000246000-0000000000248fff 0x0004/0x0004 0x0020000 2d88.4da0: 0000000000249000-00000000003fffff 0x0000/0x0004 0x0020000 2d88.4da0: 0000000000400000-000000000040ffff 0x0001/0x0000 0x0000000 2d88.4da0: *0000000000410000-0000000000415fff 0x0004/0x0004 0x0020000 2d88.4da0: 0000000000416000-000000000050ffff 0x0000/0x0004 0x0020000 2d88.4da0: *0000000000510000-00000000005d8fff 0x0002/0x0002 0x0040000 2d88.4da0: 00000000005d9000-00000000005dffff 0x0001/0x0000 0x0000000 2d88.4da0: *00000000005e0000-00000000005e1fff 0x0004/0x0004 0x0020000 2d88.4da0: 00000000005e2000-0000000000611fff 0x0000/0x0004 0x0020000 2d88.4da0: 0000000000612000-000000000061ffff 0x0001/0x0000 0x0000000 2d88.4da0: *0000000000620000-0000000000621fff 0x0004/0x0004 0x0020000 2d88.4da0: 0000000000622000-0000000000651fff 0x0000/0x0004 0x0020000 2d88.4da0: 0000000000652000-000000000065ffff 0x0001/0x0000 0x0000000 2d88.4da0: *0000000000660000-0000000000660fff 0x0004/0x0004 0x0020000 2d88.4da0: 0000000000661000-0000000000691fff 0x0000/0x0004 0x0020000 2d88.4da0: 0000000000692000-00000000006cffff 0x0001/0x0000 0x0000000 2d88.4da0: *00000000006d0000-000000000078ffff 0x0004/0x0004 0x0020000 2d88.4da0: 0000000000790000-000000000079ffff 0x0000/0x0004 0x0020000 2d88.4da0: *00000000007a0000-00000000007a0fff 0x0004/0x0004 0x0020000 2d88.4da0: 00000000007a1000-00000000007d1fff 0x0000/0x0004 0x0020000 2d88.4da0: 00000000007d2000-00000000007dffff 0x0001/0x0000 0x0000000 2d88.4da0: *00000000007e0000-00000000007e1fff 0x0004/0x0004 0x0020000 2d88.4da0: 00000000007e2000-0000000000811fff 0x0000/0x0004 0x0020000 2d88.4da0: 0000000000812000-00000000008dffff 0x0001/0x0000 0x0000000 2d88.4da0: *00000000008e0000-000000000099ffff 0x0004/0x0004 0x0020000 2d88.4da0: 00000000009a0000-00000000009affff 0x0000/0x0004 0x0020000 2d88.4da0: *00000000009b0000-00000000009ccfff 0x0004/0x0004 0x0020000 2d88.4da0: 00000000009cd000-0000000000aaffff 0x0000/0x0004 0x0020000 2d88.4da0: 0000000000ab0000-0000000000b2ffff 0x0001/0x0000 0x0000000 2d88.4da0: *0000000000b30000-0000000000b3efff 0x0004/0x0004 0x0020000 2d88.4da0: 0000000000b3f000-0000000000b3ffff 0x0000/0x0004 0x0020000 2d88.4da0: 0000000000b40000-0000000000b9ffff 0x0001/0x0000 0x0000000 2d88.4da0: *0000000000ba0000-0000000000ba4fff 0x0004/0x0004 0x0020000 2d88.4da0: 0000000000ba5000-0000000000f9ffff 0x0000/0x0004 0x0020000 2d88.4da0: 0000000000fa0000-000000000102ffff 0x0001/0x0000 0x0000000 2d88.4da0: *0000000001030000-0000000001057fff 0x0004/0x0004 0x0020000 2d88.4da0: 0000000001058000-000000000142ffff 0x0000/0x0004 0x0020000 2d88.4da0: *0000000001430000-000000000143cfff 0x0000/0x0004 0x0020000 2d88.4da0: 000000000143d000-0000000001633fff 0x0004/0x0004 0x0020000 2d88.4da0: 0000000001634000-0000000001634fff 0x0000/0x0004 0x0020000 2d88.4da0: 0000000001635000-000000007ffdffff 0x0001/0x0000 0x0000000 2d88.4da0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 2d88.4da0: 000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000 2d88.4da0: *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000 2d88.4da0: 000000007fff0000-00007ff4096effff 0x0001/0x0000 0x0000000 2d88.4da0: *00007ff4096f0000-00007ff4096f0fff 0x0004/0x0004 0x0020000 2d88.4da0: 00007ff4096f1000-00007ff4096fffff 0x0001/0x0000 0x0000000 2d88.4da0: *00007ff409700000-00007ff40970ffff 0x0002/0x0002 0x0020000 2d88.4da0: *00007ff409710000-00007ff409710fff 0x0002/0x0002 0x0020000 2d88.4da0: 00007ff409711000-00007ff409712fff 0x0020/0x0002 0x0020000 !! 2d88.4da0: 00007ff409713000-00007ff40971ffff 0x0001/0x0000 0x0000000 2d88.4da0: *00007ff409720000-00007ff409724fff 0x0002/0x0002 0x0040000 2d88.4da0: 00007ff409725000-00007ff40981ffff 0x0000/0x0002 0x0040000 2d88.4da0: *00007ff409820000-00007ff50983ffff 0x0000/0x0004 0x0020000 2d88.4da0: *00007ff509840000-00007ff50b83ffff 0x0000/0x0004 0x0020000 2d88.4da0: 00007ff50b840000-00007ff50b840fff 0x0004/0x0004 0x0020000 2d88.4da0: 00007ff50b841000-00007ff50b84ffff 0x0001/0x0000 0x0000000 2d88.4da0: *00007ff50b850000-00007ff50b850fff 0x0020/0x0004 0x0020000 !! 2d88.4da0: 00007ff50b851000-00007ff50b85ffff 0x0001/0x0000 0x0000000 2d88.4da0: *00007ff50b860000-00007ff50b860fff 0x0002/0x0002 0x0040000 2d88.4da0: 00007ff50b861000-00007ff50b86ffff 0x0001/0x0000 0x0000000 2d88.4da0: *00007ff50b870000-00007ff50b892fff 0x0002/0x0002 0x0040000 2d88.4da0: 00007ff50b893000-00007ff6d0f8ffff 0x0001/0x0000 0x0000000 2d88.4da0: *00007ff6d0f90000-00007ff6d0f90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 2d88.4da0: 00007ff6d0f91000-00007ff6d1007fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 2d88.4da0: 00007ff6d1008000-00007ff6d1008fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 2d88.4da0: 00007ff6d1009000-00007ff6d1051fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 2d88.4da0: 00007ff6d1052000-00007ff6d1054fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 2d88.4da0: 00007ff6d1055000-00007ff6d1057fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 2d88.4da0: 00007ff6d1058000-00007ff6d105afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 2d88.4da0: 00007ff6d105b000-00007ff6d105bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 2d88.4da0: 00007ff6d105c000-00007ff6d105dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 2d88.4da0: 00007ff6d105e000-00007ff6d105efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 2d88.4da0: 00007ff6d105f000-00007ff6d10a7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 2d88.4da0: 00007ff6d10a8000-00007ffd5df6ffff 0x0001/0x0000 0x0000000 2d88.4da0: *00007ffd5df70000-00007ffd5df70fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll 2d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5df70000 LB 0x1000 (base 00007ffd5df70000) - 'atcuf64.dll' 2d88.4da0: 00007ffd5df71000-00007ffd5dfb6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll 2d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5df71000 LB 0x46000 (base 00007ffd5df70000) - 'atcuf64.dll' 2d88.4da0: 00007ffd5dfb7000-00007ffd5e03ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll 2d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5dfb7000 LB 0x89000 (base 00007ffd5df70000) - 'atcuf64.dll' 2d88.4da0: 00007ffd5e040000-00007ffd5e046fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll 2d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e040000 LB 0x7000 (base 00007ffd5df70000) - 'atcuf64.dll' 2d88.4da0: 00007ffd5e047000-00007ffd5e047fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll 2d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e047000 LB 0x1000 (base 00007ffd5df70000) - 'atcuf64.dll' 2d88.4da0: 00007ffd5e048000-00007ffd5e04dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll 2d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e048000 LB 0x6000 (base 00007ffd5df70000) - 'atcuf64.dll' 2d88.4da0: 00007ffd5e04e000-00007ffd5e051fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll 2d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e04e000 LB 0x4000 (base 00007ffd5df70000) - 'atcuf64.dll' 2d88.4da0: 00007ffd5e052000-00007ffd5e05cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll 2d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e052000 LB 0xb000 (base 00007ffd5df70000) - 'atcuf64.dll' 2d88.4da0: 00007ffd5e05d000-00007ffd5e05ffff 0x0001/0x0000 0x0000000 2d88.4da0: *00007ffd5e060000-00007ffd5e060fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\265134698965852297\bdhkm64.dll 2d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e060000 LB 0x1000 (base 00007ffd5e060000) - 'bdhkm64.dll' 2d88.4da0: 00007ffd5e061000-00007ffd5e083fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\265134698965852297\bdhkm64.dll 2d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e061000 LB 0x23000 (base 00007ffd5e060000) - 'bdhkm64.dll' 2d88.4da0: 00007ffd5e084000-00007ffd5e106fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\265134698965852297\bdhkm64.dll 2d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e084000 LB 0x83000 (base 00007ffd5e060000) - 'bdhkm64.dll' 2d88.4da0: 00007ffd5e107000-00007ffd5e109fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\265134698965852297\bdhkm64.dll 2d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e107000 LB 0x3000 (base 00007ffd5e060000) - 'bdhkm64.dll' 2d88.4da0: 00007ffd5e10a000-00007ffd5e10bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\265134698965852297\bdhkm64.dll 2d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e10a000 LB 0x2000 (base 00007ffd5e060000) - 'bdhkm64.dll' 2d88.4da0: 00007ffd5e10c000-00007ffd5e114fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\265134698965852297\bdhkm64.dll 2d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e10c000 LB 0x9000 (base 00007ffd5e060000) - 'bdhkm64.dll' 2d88.4da0: 00007ffd5e115000-00007ffd8bb9ffff 0x0001/0x0000 0x0000000 2d88.4da0: *00007ffd8bba0000-00007ffd8bba0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 2d88.4da0: 00007ffd8bba1000-00007ffd8bcb2fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 2d88.4da0: 00007ffd8bcb3000-00007ffd8be2afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 2d88.4da0: 00007ffd8be2b000-00007ffd8be2efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 2d88.4da0: 00007ffd8be2f000-00007ffd8be2ffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 2d88.4da0: 00007ffd8be30000-00007ffd8be68fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 2d88.4da0: 00007ffd8be69000-00007ffd8d77ffff 0x0001/0x0000 0x0000000 2d88.4da0: *00007ffd8d780000-00007ffd8d780fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll 2d88.4da0: 00007ffd8d781000-00007ffd8d7fefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll 2d88.4da0: 00007ffd8d7ff000-00007ffd8d831fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll 2d88.4da0: 00007ffd8d832000-00007ffd8d832fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll 2d88.4da0: 00007ffd8d833000-00007ffd8d833fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll 2d88.4da0: 00007ffd8d834000-00007ffd8d83cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll 2d88.4da0: 00007ffd8d83d000-00007ffd8e42ffff 0x0001/0x0000 0x0000000 2d88.4da0: *00007ffd8e430000-00007ffd8e430fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 2d88.4da0: 00007ffd8e431000-00007ffd8e54bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 2d88.4da0: 00007ffd8e54c000-00007ffd8e594fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 2d88.4da0: 00007ffd8e595000-00007ffd8e595fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 2d88.4da0: 00007ffd8e596000-00007ffd8e597fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 2d88.4da0: 00007ffd8e598000-00007ffd8e5a0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 2d88.4da0: 00007ffd8e5a1000-00007ffd8e625fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 2d88.4da0: 00007ffd8e626000-00007ffd8e62ffff 0x0001/0x0000 0x0000000 2d88.4da0: *00007ffd8e630000-00007ffd8e630fff 0x0020/0x0002 0x0020000 !! 2d88.4da0: 00007ffd8e631000-00007ffd8e63ffff 0x0002/0x0002 0x0020000 2d88.4da0: *00007ffd8e640000-00007ffd8e640fff 0x0020/0x0002 0x0020000 !! 2d88.4da0: 00007ffd8e641000-00007ffd8e64ffff 0x0002/0x0002 0x0020000 2d88.4da0: 00007ffd8e650000-00007ffffffeffff 0x0001/0x0000 0x0000000 2d88.4da0: kernel32.dll: timestamp 0xd714134a (rc=VINF_SUCCESS) 2d88.4da0: kernelbase.dll: timestamp 0xe9c5eae (rc=VINF_SUCCESS) 2d88.4da0: VirtualBoxVM.exe: timestamp 0x5ff72a09 (rc=VINF_SUCCESS) 2d88.4da0: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202 2d88.4da0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports 2d88.4da0: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports 2d88.4da0: ntdll.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8e454020 / 0x0024020: 4c != e9 2d88.4da0: 00007ffd8e454021 / 0x0024021: 89 != 0e 2d88.4da0: 00007ffd8e454022 / 0x0024022: 4c != c0 2d88.4da0: 00007ffd8e454023 / 0x0024023: 24 != 1d 2d88.4da0: 00007ffd8e454024 / 0x0024024: 20 != 00 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8e453000 2d88.4da0: ntdll.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8e4cc7b0 / 0x009c7b0: 4c != e9 2d88.4da0: 00007ffd8e4cc7b1 / 0x009c7b1: 8b != a8 2d88.4da0: 00007ffd8e4cc7b2 / 0x009c7b2: d1 != 41 2d88.4da0: 00007ffd8e4cc7b3 / 0x009c7b3: b8 != 16 2d88.4da0: 00007ffd8e4cc7b4 / 0x009c7b4: 0d != 00 2d88.4da0: 00007ffd8e4cc7b5 / 0x009c7b5: 00 != cc 2d88.4da0: 00007ffd8e4cc7b6 / 0x009c7b6: 00 != cc 2d88.4da0: 00007ffd8e4cc7b7 / 0x009c7b7: 00 != cc 2d88.4da0: 00007ffd8e4cc7f0 / 0x009c7f0: 4c != e9 2d88.4da0: 00007ffd8e4cc7f1 / 0x009c7f1: 8b != d5 2d88.4da0: 00007ffd8e4cc7f2 / 0x009c7f2: d1 != 3a 2d88.4da0: 00007ffd8e4cc7f3 / 0x009c7f3: b8 != 16 2d88.4da0: 00007ffd8e4cc7f4 / 0x009c7f4: 0f != 00 2d88.4da0: 00007ffd8e4cc7f5 / 0x009c7f5: 00 != cc 2d88.4da0: 00007ffd8e4cc7f6 / 0x009c7f6: 00 != cc 2d88.4da0: 00007ffd8e4cc7f7 / 0x009c7f7: 00 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8e4ca93e 2d88.4da0: ntdll.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8e4ccad0 / 0x009cad0: 4c != e9 2d88.4da0: 00007ffd8e4ccad1 / 0x009cad1: 8b != 26 2d88.4da0: 00007ffd8e4ccad2 / 0x009cad2: d1 != 3a 2d88.4da0: 00007ffd8e4ccad3 / 0x009cad3: b8 != 16 2d88.4da0: 00007ffd8e4ccad4 / 0x009cad4: 26 != 00 2d88.4da0: 00007ffd8e4ccad5 / 0x009cad5: 00 != cc 2d88.4da0: 00007ffd8e4ccad6 / 0x009cad6: 00 != cc 2d88.4da0: 00007ffd8e4ccad7 / 0x009cad7: 00 != cc 2d88.4da0: 00007ffd8e4ccb10 / 0x009cb10: 4c != e9 2d88.4da0: 00007ffd8e4ccb11 / 0x009cb11: 8b != 4b 2d88.4da0: 00007ffd8e4ccb12 / 0x009cb12: d1 != 3b 2d88.4da0: 00007ffd8e4ccb13 / 0x009cb13: b8 != 16 2d88.4da0: 00007ffd8e4ccb14 / 0x009cb14: 28 != 00 2d88.4da0: 00007ffd8e4ccb15 / 0x009cb15: 00 != cc 2d88.4da0: 00007ffd8e4ccb16 / 0x009cb16: 00 != cc 2d88.4da0: 00007ffd8e4ccb17 / 0x009cb17: 00 != cc 2d88.4da0: 00007ffd8e4ccb50 / 0x009cb50: 4c != e9 2d88.4da0: 00007ffd8e4ccb51 / 0x009cb51: 8b != 3a 2d88.4da0: 00007ffd8e4ccb52 / 0x009cb52: d1 != 3f 2d88.4da0: 00007ffd8e4ccb53 / 0x009cb53: b8 != 16 2d88.4da0: 00007ffd8e4ccb54 / 0x009cb54: 2a != 00 2d88.4da0: 00007ffd8e4ccb55 / 0x009cb55: 00 != cc 2d88.4da0: 00007ffd8e4ccb56 / 0x009cb56: 00 != cc 2d88.4da0: 00007ffd8e4ccb57 / 0x009cb57: 00 != cc 2d88.4da0: 00007ffd8e4ccb90 / 0x009cb90: 4c != e9 2d88.4da0: 00007ffd8e4ccb91 / 0x009cb91: 8b != 6b 2d88.4da0: 00007ffd8e4ccb92 / 0x009cb92: d1 != 34 2d88.4da0: 00007ffd8e4ccb93 / 0x009cb93: b8 != 16 2d88.4da0: 00007ffd8e4ccb94 / 0x009cb94: 2c != 00 2d88.4da0: 00007ffd8e4ccb95 / 0x009cb95: 00 != cc 2d88.4da0: 00007ffd8e4ccb96 / 0x009cb96: 00 != cc 2d88.4da0: 00007ffd8e4ccb97 / 0x009cb97: 00 != cc 2d88.4da0: 00007ffd8e4ccd50 / 0x009cd50: 4c != e9 2d88.4da0: 00007ffd8e4ccd51 / 0x009cd51: 8b != 0d 2d88.4da0: 00007ffd8e4ccd52 / 0x009cd52: d1 != 37 2d88.4da0: 00007ffd8e4ccd53 / 0x009cd53: b8 != 16 2d88.4da0: 00007ffd8e4ccd54 / 0x009cd54: 3a != 00 2d88.4da0: 00007ffd8e4ccd55 / 0x009cd55: 00 != cc 2d88.4da0: 00007ffd8e4ccd56 / 0x009cd56: 00 != cc 2d88.4da0: 00007ffd8e4ccd57 / 0x009cd57: 00 != cc 2d88.4da0: 00007ffd8e4ccd90 / 0x009cd90: 4c != e9 2d88.4da0: 00007ffd8e4ccd91 / 0x009cd91: 8b != cc 2d88.4da0: 00007ffd8e4ccd92 / 0x009cd92: d1 != 37 2d88.4da0: 00007ffd8e4ccd93 / 0x009cd93: b8 != 16 2d88.4da0: 00007ffd8e4ccd94 / 0x009cd94: 3c != 00 2d88.4da0: 00007ffd8e4ccd95 / 0x009cd95: 00 != cc 2d88.4da0: 00007ffd8e4ccd96 / 0x009cd96: 00 != cc 2d88.4da0: 00007ffd8e4ccd97 / 0x009cd97: 00 != cc 2d88.4da0: 00007ffd8e4cce30 / 0x009ce30: 4c != e9 2d88.4da0: 00007ffd8e4cce31 / 0x009ce31: 8b != 31 2d88.4da0: 00007ffd8e4cce32 / 0x009ce32: d1 != 32 2d88.4da0: 00007ffd8e4cce33 / 0x009ce33: b8 != 16 2d88.4da0: 00007ffd8e4cce34 / 0x009ce34: 41 != 00 2d88.4da0: 00007ffd8e4cce35 / 0x009ce35: 00 != cc 2d88.4da0: 00007ffd8e4cce36 / 0x009ce36: 00 != cc 2d88.4da0: 00007ffd8e4cce37 / 0x009ce37: 00 != cc 2d88.4da0: 00007ffd8e4cceb0 / 0x009ceb0: 4c != e9 2d88.4da0: 00007ffd8e4cceb1 / 0x009ceb1: 8b != 12 2d88.4da0: 00007ffd8e4cceb2 / 0x009ceb2: d1 != 37 2d88.4da0: 00007ffd8e4cceb3 / 0x009ceb3: b8 != 16 2d88.4da0: 00007ffd8e4cceb4 / 0x009ceb4: 45 != 00 2d88.4da0: 00007ffd8e4cceb5 / 0x009ceb5: 00 != cc 2d88.4da0: 00007ffd8e4cceb6 / 0x009ceb6: 00 != cc 2d88.4da0: 00007ffd8e4cceb7 / 0x009ceb7: 00 != cc 2d88.4da0: 00007ffd8e4ccfb0 / 0x009cfb0: 4c != e9 2d88.4da0: 00007ffd8e4ccfb1 / 0x009cfb1: 8b != 7b 2d88.4da0: 00007ffd8e4ccfb2 / 0x009cfb2: d1 != 33 2d88.4da0: 00007ffd8e4ccfb3 / 0x009cfb3: b8 != 16 2d88.4da0: 00007ffd8e4ccfb4 / 0x009cfb4: 4d != 00 2d88.4da0: 00007ffd8e4ccfb5 / 0x009cfb5: 00 != cc 2d88.4da0: 00007ffd8e4ccfb6 / 0x009cfb6: 00 != cc 2d88.4da0: 00007ffd8e4ccfb7 / 0x009cfb7: 00 != cc 2d88.4da0: 00007ffd8e4ccfd0 / 0x009cfd0: 4c != e9 2d88.4da0: 00007ffd8e4ccfd1 / 0x009cfd1: 8b != 27 2d88.4da0: 00007ffd8e4ccfd2 / 0x009cfd2: d1 != 34 2d88.4da0: 00007ffd8e4ccfd3 / 0x009cfd3: b8 != 16 2d88.4da0: 00007ffd8e4ccfd4 / 0x009cfd4: 4e != 00 2d88.4da0: 00007ffd8e4ccfd5 / 0x009cfd5: 00 != cc 2d88.4da0: 00007ffd8e4ccfd6 / 0x009cfd6: 00 != cc 2d88.4da0: 00007ffd8e4ccfd7 / 0x009cfd7: 00 != cc 2d88.4da0: 00007ffd8e4cd050 / 0x009d050: 4c != e9 2d88.4da0: 00007ffd8e4cd051 / 0x009d051: 8b != a0 2d88.4da0: 00007ffd8e4cd052 / 0x009d052: d1 != 3a 2d88.4da0: 00007ffd8e4cd053 / 0x009d053: b8 != 16 2d88.4da0: 00007ffd8e4cd054 / 0x009d054: 52 != 00 2d88.4da0: 00007ffd8e4cd055 / 0x009d055: 00 != cc 2d88.4da0: 00007ffd8e4cd056 / 0x009d056: 00 != cc 2d88.4da0: 00007ffd8e4cd057 / 0x009d057: 00 != cc 2d88.4da0: 00007ffd8e4cd520 / 0x009d520: 4c != e9 2d88.4da0: 00007ffd8e4cd521 / 0x009d521: 8b != 6b 2d88.4da0: 00007ffd8e4cd522 / 0x009d522: d1 != 34 2d88.4da0: 00007ffd8e4cd523 / 0x009d523: b8 != 16 2d88.4da0: 00007ffd8e4cd524 / 0x009d524: 79 != 00 2d88.4da0: 00007ffd8e4cd525 / 0x009d525: 00 != cc 2d88.4da0: 00007ffd8e4cd526 / 0x009d526: 00 != cc 2d88.4da0: 00007ffd8e4cd527 / 0x009d527: 00 != cc 2d88.4da0: 00007ffd8e4cd560 / 0x009d560: 4c != e9 2d88.4da0: 00007ffd8e4cd561 / 0x009d561: 8b != 5e 2d88.4da0: 00007ffd8e4cd562 / 0x009d562: d1 != 34 2d88.4da0: 00007ffd8e4cd563 / 0x009d563: b8 != 16 2d88.4da0: 00007ffd8e4cd564 / 0x009d564: 7b != 00 2d88.4da0: 00007ffd8e4cd565 / 0x009d565: 00 != cc 2d88.4da0: 00007ffd8e4cd566 / 0x009d566: 00 != cc 2d88.4da0: 00007ffd8e4cd567 / 0x009d567: 00 != cc 2d88.4da0: 00007ffd8e4cd780 / 0x009d780: 4c != e9 2d88.4da0: 00007ffd8e4cd781 / 0x009d781: 8b != 71 2d88.4da0: 00007ffd8e4cd782 / 0x009d782: d1 != 32 2d88.4da0: 00007ffd8e4cd783 / 0x009d783: b8 != 16 2d88.4da0: 00007ffd8e4cd784 / 0x009d784: 8c != 00 2d88.4da0: 00007ffd8e4cd785 / 0x009d785: 00 != cc 2d88.4da0: 00007ffd8e4cd786 / 0x009d786: 00 != cc 2d88.4da0: 00007ffd8e4cd787 / 0x009d787: 00 != cc 2d88.4da0: 00007ffd8e4cdd20 / 0x009dd20: 4c != e9 2d88.4da0: 00007ffd8e4cdd21 / 0x009dd21: 8b != d8 2d88.4da0: 00007ffd8e4cdd22 / 0x009dd22: d1 != 25 2d88.4da0: 00007ffd8e4cdd23 / 0x009dd23: b8 != 16 2d88.4da0: 00007ffd8e4cdd24 / 0x009dd24: b9 != 00 2d88.4da0: 00007ffd8e4cdd25 / 0x009dd25: 00 != cc 2d88.4da0: 00007ffd8e4cdd26 / 0x009dd26: 00 != cc 2d88.4da0: 00007ffd8e4cdd27 / 0x009dd27: 00 != cc 2d88.4da0: 00007ffd8e4cde20 / 0x009de20: 4c != e9 2d88.4da0: 00007ffd8e4cde21 / 0x009de21: 8b != 0a 2d88.4da0: 00007ffd8e4cde22 / 0x009de22: d1 != 26 2d88.4da0: 00007ffd8e4cde23 / 0x009de23: b8 != 16 2d88.4da0: 00007ffd8e4cde24 / 0x009de24: c1 != 00 2d88.4da0: 00007ffd8e4cde25 / 0x009de25: 00 != cc 2d88.4da0: 00007ffd8e4cde26 / 0x009de26: 00 != cc 2d88.4da0: 00007ffd8e4cde27 / 0x009de27: 00 != cc 2d88.4da0: 00007ffd8e4cdf00 / 0x009df00: 4c != e9 2d88.4da0: 00007ffd8e4cdf01 / 0x009df01: 8b != 5e 2d88.4da0: 00007ffd8e4cdf02 / 0x009df02: d1 != 24 2d88.4da0: 00007ffd8e4cdf03 / 0x009df03: b8 != 16 2d88.4da0: 00007ffd8e4cdf04 / 0x009df04: c8 != 00 2d88.4da0: 00007ffd8e4cdf05 / 0x009df05: 00 != cc 2d88.4da0: 00007ffd8e4cdf06 / 0x009df06: 00 != cc 2d88.4da0: 00007ffd8e4cdf07 / 0x009df07: 00 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8e4cc93e 2d88.4da0: ntdll.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8e4cf200 / 0x009f200: 4c != e9 2d88.4da0: 00007ffd8e4cf201 / 0x009f201: 8b != 57 2d88.4da0: 00007ffd8e4cf202 / 0x009f202: d1 != 18 2d88.4da0: 00007ffd8e4cf203 / 0x009f203: b8 != 16 2d88.4da0: 00007ffd8e4cf204 / 0x009f204: 60 != 00 2d88.4da0: 00007ffd8e4cf205 / 0x009f205: 01 != cc 2d88.4da0: 00007ffd8e4cf206 / 0x009f206: 00 != cc 2d88.4da0: 00007ffd8e4cf207 / 0x009f207: 00 != cc 2d88.4da0: 00007ffd8e4cf2e0 / 0x009f2e0: 4c != e9 2d88.4da0: 00007ffd8e4cf2e1 / 0x009f2e1: 8b != e6 2d88.4da0: 00007ffd8e4cf2e2 / 0x009f2e2: d1 != 0e 2d88.4da0: 00007ffd8e4cf2e3 / 0x009f2e3: b8 != 16 2d88.4da0: 00007ffd8e4cf2e4 / 0x009f2e4: 67 != 00 2d88.4da0: 00007ffd8e4cf2e5 / 0x009f2e5: 01 != cc 2d88.4da0: 00007ffd8e4cf2e6 / 0x009f2e6: 00 != cc 2d88.4da0: 00007ffd8e4cf2e7 / 0x009f2e7: 00 != cc 2d88.4da0: 00007ffd8e4cf760 / 0x009f760: 4c != e9 2d88.4da0: 00007ffd8e4cf761 / 0x009f761: 8b != 95 2d88.4da0: 00007ffd8e4cf762 / 0x009f762: d1 != 0e 2d88.4da0: 00007ffd8e4cf763 / 0x009f763: b8 != 16 2d88.4da0: 00007ffd8e4cf764 / 0x009f764: 8b != 00 2d88.4da0: 00007ffd8e4cf765 / 0x009f765: 01 != cc 2d88.4da0: 00007ffd8e4cf766 / 0x009f766: 00 != cc 2d88.4da0: 00007ffd8e4cf767 / 0x009f767: 00 != cc 2d88.4da0: 00007ffd8e4cfb20 / 0x009fb20: 4c != e9 2d88.4da0: 00007ffd8e4cfb21 / 0x009fb21: 8b != 04 2d88.4da0: 00007ffd8e4cfb22 / 0x009fb22: d1 != 0f 2d88.4da0: 00007ffd8e4cfb23 / 0x009fb23: b8 != 16 2d88.4da0: 00007ffd8e4cfb24 / 0x009fb24: a9 != 00 2d88.4da0: 00007ffd8e4cfb25 / 0x009fb25: 01 != cc 2d88.4da0: 00007ffd8e4cfb26 / 0x009fb26: 00 != cc 2d88.4da0: 00007ffd8e4cfb27 / 0x009fb27: 00 != cc 2d88.4da0: Restored 0x19e2 bytes of original file content at 00007ffd8e4ce93e 2d88.4da0: ntdll.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8e50c100 / 0x00dc100: 4c != e9 2d88.4da0: 00007ffd8e50c101 / 0x00dc101: 8b != bd 2d88.4da0: 00007ffd8e50c102 / 0x00dc102: c2 != 49 2d88.4da0: 00007ffd8e50c103 / 0x00dc103: 41 != 12 2d88.4da0: 00007ffd8e50c104 / 0x00dc104: b9 != 00 2d88.4da0: 00007ffd8e50c106 / 0x00dc106: 02 != cc 2d88.4da0: 00007ffd8e50c107 / 0x00dc107: 00 != cc 2d88.4da0: 00007ffd8e50c108 / 0x00dc108: 00 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8e50a48e 2d88.4da0: ntdll.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8e50c850 / 0x00dc850: 48 != e9 2d88.4da0: 00007ffd8e50c851 / 0x00dc851: 8b != a9 2d88.4da0: 00007ffd8e50c852 / 0x00dc852: c4 != 39 2d88.4da0: 00007ffd8e50c853 / 0x00dc853: 48 != 12 2d88.4da0: 00007ffd8e50c854 / 0x00dc854: 89 != 00 2d88.4da0: 00007ffd8e50c855 / 0x00dc855: 58 != cc 2d88.4da0: 00007ffd8e50c856 / 0x00dc856: 08 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8e50c48e 2d88.4da0: kernel32.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8d7a2430 / 0x0022430: 4c != e9 2d88.4da0: 00007ffd8d7a2431 / 0x0022431: 8b != 62 2d88.4da0: 00007ffd8d7a2432 / 0x0022432: dc != de 2d88.4da0: 00007ffd8d7a2433 / 0x0022433: 53 != e8 2d88.4da0: 00007ffd8d7a2434 / 0x0022434: 56 != 00 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8d7a1000 2d88.4da0: kernel32.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8d7a6450 / 0x0026450: 89 != e9 2d88.4da0: 00007ffd8d7a6451 / 0x0026451: 54 != d8 2d88.4da0: 00007ffd8d7a6452 / 0x0026452: 24 != a1 2d88.4da0: 00007ffd8d7a6453 / 0x0026453: 10 != e8 2d88.4da0: 00007ffd8d7a6454 / 0x0026454: 89 != 00 2d88.4da0: 00007ffd8d7a6455 / 0x0026455: 4c != cc 2d88.4da0: 00007ffd8d7a6456 / 0x0026456: 24 != cc 2d88.4da0: 00007ffd8d7a6457 / 0x0026457: 08 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8d7a5000 2d88.4da0: kernel32.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8d7e2800 / 0x0062800: 48 != e9 2d88.4da0: 00007ffd8d7e2801 / 0x0062801: 83 != 27 2d88.4da0: 00007ffd8d7e2802 / 0x0062802: ec != df 2d88.4da0: 00007ffd8d7e2803 / 0x0062803: 38 != e4 2d88.4da0: 00007ffd8d7e2804 / 0x0062804: 48 != 00 2d88.4da0: 00007ffd8d7e2805 / 0x0062805: 83 != cc 2d88.4da0: 00007ffd8d7e2806 / 0x0062806: 64 != cc 2d88.4da0: 00007ffd8d7e2807 / 0x0062807: 24 != cc 2d88.4da0: 00007ffd8d7e2808 / 0x0062808: 28 != cc 2d88.4da0: 00007ffd8d7e2809 / 0x0062809: 00 != cc 2d88.4da0: 00007ffd8d7e2910 / 0x0062910: 48 != e9 2d88.4da0: 00007ffd8d7e2911 / 0x0062911: 83 != 7d 2d88.4da0: 00007ffd8d7e2912 / 0x0062912: ec != de 2d88.4da0: 00007ffd8d7e2913 / 0x0062913: 38 != e4 2d88.4da0: 00007ffd8d7e2914 / 0x0062914: 48 != 00 2d88.4da0: 00007ffd8d7e2915 / 0x0062915: 83 != cc 2d88.4da0: 00007ffd8d7e2916 / 0x0062916: 64 != cc 2d88.4da0: 00007ffd8d7e2917 / 0x0062917: 24 != cc 2d88.4da0: 00007ffd8d7e2918 / 0x0062918: 28 != cc 2d88.4da0: 00007ffd8d7e2919 / 0x0062919: 00 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8d7e1000 2d88.4da0: kernel32.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8d7e3bd0 / 0x0063bd0: 48 != e9 2d88.4da0: 00007ffd8d7e3bd1 / 0x0063bd1: 89 != f1 2d88.4da0: 00007ffd8d7e3bd2 / 0x0063bd2: 5c != ca 2d88.4da0: 00007ffd8d7e3bd3 / 0x0063bd3: 24 != e4 2d88.4da0: 00007ffd8d7e3bd4 / 0x0063bd4: 08 != 00 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8d7e3000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bba3cb0 / 0x0003cb0: 40 != e9 2d88.4da0: 00007ffd8bba3cb1 / 0x0003cb1: 55 != 44 2d88.4da0: 00007ffd8bba3cb2 / 0x0003cb2: 53 != ca 2d88.4da0: 00007ffd8bba3cb3 / 0x0003cb3: 56 != a8 2d88.4da0: 00007ffd8bba3cb4 / 0x0003cb4: 57 != 02 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bba3000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bba9c70 / 0x0009c70: 48 != e9 2d88.4da0: 00007ffd8bba9c71 / 0x0009c71: 83 != 23 2d88.4da0: 00007ffd8bba9c72 / 0x0009c72: ec != 65 2d88.4da0: 00007ffd8bba9c73 / 0x0009c73: 38 != a8 2d88.4da0: 00007ffd8bba9c74 / 0x0009c74: b8 != 02 2d88.4da0: 00007ffd8bba9c75 / 0x0009c75: 03 != cc 2d88.4da0: 00007ffd8bba9c76 / 0x0009c76: 00 != cc 2d88.4da0: 00007ffd8bba9c77 / 0x0009c77: 00 != cc 2d88.4da0: 00007ffd8bba9c78 / 0x0009c78: 00 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bba9000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bbc2c70 / 0x0022c70: 40 != e9 2d88.4da0: 00007ffd8bbc2c71 / 0x0022c71: 53 != 1e 2d88.4da0: 00007ffd8bbc2c72 / 0x0022c72: 48 != da 2d88.4da0: 00007ffd8bbc2c73 / 0x0022c73: 83 != a6 2d88.4da0: 00007ffd8bbc2c74 / 0x0022c74: ec != 02 2d88.4da0: 00007ffd8bbc2c75 / 0x0022c75: 20 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bbc1000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bbca330 / 0x002a330: 40 != e9 2d88.4da0: 00007ffd8bbca331 / 0x002a331: 55 != c3 2d88.4da0: 00007ffd8bbca332 / 0x002a332: 53 != 64 2d88.4da0: 00007ffd8bbca333 / 0x002a333: 56 != a6 2d88.4da0: 00007ffd8bbca334 / 0x002a334: 57 != 02 2d88.4da0: 00007ffd8bbca820 / 0x002a820: 4c != e9 2d88.4da0: 00007ffd8bbca821 / 0x002a821: 8b != 09 2d88.4da0: 00007ffd8bbca822 / 0x002a822: dc != 5d 2d88.4da0: 00007ffd8bbca823 / 0x002a823: 48 != a6 2d88.4da0: 00007ffd8bbca824 / 0x002a824: 83 != 02 2d88.4da0: 00007ffd8bbca825 / 0x002a825: ec != cc 2d88.4da0: 00007ffd8bbca826 / 0x002a826: 68 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bbc9000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bbcdad0 / 0x002dad0: 4c != e9 2d88.4da0: 00007ffd8bbcdad1 / 0x002dad1: 8b != f4 2d88.4da0: 00007ffd8bbcdad2 / 0x002dad2: dc != 28 2d88.4da0: 00007ffd8bbcdad3 / 0x002dad3: 53 != a6 2d88.4da0: 00007ffd8bbcdad4 / 0x002dad4: 56 != 02 2d88.4da0: 00007ffd8bbce3c0 / 0x002e3c0: 4c != e9 2d88.4da0: 00007ffd8bbce3c1 / 0x002e3c1: 89 != d0 2d88.4da0: 00007ffd8bbce3c2 / 0x002e3c2: 4c != 20 2d88.4da0: 00007ffd8bbce3c3 / 0x002e3c3: 24 != a6 2d88.4da0: 00007ffd8bbce3c4 / 0x002e3c4: 20 != 02 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bbcd000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bbd1d50 / 0x0031d50: 40 != e9 2d88.4da0: 00007ffd8bbd1d51 / 0x0031d51: 53 != 73 2d88.4da0: 00007ffd8bbd1d52 / 0x0031d52: 56 != e7 2d88.4da0: 00007ffd8bbd1d53 / 0x0031d53: 57 != a5 2d88.4da0: 00007ffd8bbd1d54 / 0x0031d54: 41 != 02 2d88.4da0: 00007ffd8bbd1d55 / 0x0031d55: 54 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bbd1000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bbe5560 / 0x0045560: 48 != e9 2d88.4da0: 00007ffd8bbe5561 / 0x0045561: 89 != 2c 2d88.4da0: 00007ffd8bbe5562 / 0x0045562: 5c != b3 2d88.4da0: 00007ffd8bbe5563 / 0x0045563: 24 != a4 2d88.4da0: 00007ffd8bbe5564 / 0x0045564: 18 != 02 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bbe5000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bbf1ee0 / 0x0051ee0: 48 != e9 2d88.4da0: 00007ffd8bbf1ee1 / 0x0051ee1: 83 != e0 2d88.4da0: 00007ffd8bbf1ee2 / 0x0051ee2: ec != e8 2d88.4da0: 00007ffd8bbf1ee3 / 0x0051ee3: 38 != a3 2d88.4da0: 00007ffd8bbf1ee4 / 0x0051ee4: 48 != 02 2d88.4da0: 00007ffd8bbf1ee5 / 0x0051ee5: 83 != cc 2d88.4da0: 00007ffd8bbf1ee6 / 0x0051ee6: 64 != cc 2d88.4da0: 00007ffd8bbf1ee7 / 0x0051ee7: 24 != cc 2d88.4da0: 00007ffd8bbf1ee8 / 0x0051ee8: 28 != cc 2d88.4da0: 00007ffd8bbf1ee9 / 0x0051ee9: 00 != cc 2d88.4da0: 00007ffd8bbf1f10 / 0x0051f10: 48 != e9 2d88.4da0: 00007ffd8bbf1f11 / 0x0051f11: 83 != 4a 2d88.4da0: 00007ffd8bbf1f12 / 0x0051f12: ec != e8 2d88.4da0: 00007ffd8bbf1f13 / 0x0051f13: 38 != a3 2d88.4da0: 00007ffd8bbf1f14 / 0x0051f14: 48 != 02 2d88.4da0: 00007ffd8bbf1f15 / 0x0051f15: 83 != cc 2d88.4da0: 00007ffd8bbf1f16 / 0x0051f16: 64 != cc 2d88.4da0: 00007ffd8bbf1f17 / 0x0051f17: 24 != cc 2d88.4da0: 00007ffd8bbf1f18 / 0x0051f18: 28 != cc 2d88.4da0: 00007ffd8bbf1f19 / 0x0051f19: 00 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bbf1000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bc0af70 / 0x006af70: 40 != e9 2d88.4da0: 00007ffd8bc0af71 / 0x006af71: 53 != ef 2d88.4da0: 00007ffd8bc0af72 / 0x006af72: 48 != 52 2d88.4da0: 00007ffd8bc0af73 / 0x006af73: 83 != a2 2d88.4da0: 00007ffd8bc0af74 / 0x006af74: ec != 02 2d88.4da0: 00007ffd8bc0af75 / 0x006af75: 30 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc09000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bc0be50 / 0x006be50: 48 != e9 2d88.4da0: 00007ffd8bc0be51 / 0x006be51: 89 != 39 2d88.4da0: 00007ffd8bc0be52 / 0x006be52: 5c != 4d 2d88.4da0: 00007ffd8bc0be53 / 0x006be53: 24 != a2 2d88.4da0: 00007ffd8bc0be54 / 0x006be54: 10 != 02 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc0b000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bc0e7c0 / 0x006e7c0: 48 != e9 2d88.4da0: 00007ffd8bc0e7c1 / 0x006e7c1: 89 != 6c 2d88.4da0: 00007ffd8bc0e7c2 / 0x006e7c2: 5c != 1a 2d88.4da0: 00007ffd8bc0e7c3 / 0x006e7c3: 24 != a2 2d88.4da0: 00007ffd8bc0e7c4 / 0x006e7c4: 08 != 02 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc0d000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bc130f0 / 0x00730f0: 48 != e9 2d88.4da0: 00007ffd8bc130f1 / 0x00730f1: 8b != 9f 2d88.4da0: 00007ffd8bc130f2 / 0x00730f2: c4 != d4 2d88.4da0: 00007ffd8bc130f3 / 0x00730f3: 48 != a1 2d88.4da0: 00007ffd8bc130f4 / 0x00730f4: 89 != 02 2d88.4da0: 00007ffd8bc130f5 / 0x00730f5: 58 != cc 2d88.4da0: 00007ffd8bc130f6 / 0x00730f6: 08 != cc 2d88.4da0: 00007ffd8bc14290 / 0x0074290: 89 != e9 2d88.4da0: 00007ffd8bc14291 / 0x0074291: 4c != c6 2d88.4da0: 00007ffd8bc14292 / 0x0074292: 24 != c8 2d88.4da0: 00007ffd8bc14293 / 0x0074293: 08 != a1 2d88.4da0: 00007ffd8bc14294 / 0x0074294: 48 != 02 2d88.4da0: 00007ffd8bc14295 / 0x0074295: 83 != cc 2d88.4da0: 00007ffd8bc14296 / 0x0074296: ec != cc 2d88.4da0: 00007ffd8bc14297 / 0x0074297: 38 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc13000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bc16210 / 0x0076210: 4c != e9 2d88.4da0: 00007ffd8bc16211 / 0x0076211: 8b != 16 2d88.4da0: 00007ffd8bc16212 / 0x0076212: dc != a6 2d88.4da0: 00007ffd8bc16213 / 0x0076213: 48 != a1 2d88.4da0: 00007ffd8bc16214 / 0x0076214: 83 != 02 2d88.4da0: 00007ffd8bc16215 / 0x0076215: ec != cc 2d88.4da0: 00007ffd8bc16216 / 0x0076216: 68 != cc 2d88.4da0: 00007ffd8bc164b0 / 0x00764b0: 4c != e9 2d88.4da0: 00007ffd8bc164b1 / 0x00764b1: 8b != a9 2d88.4da0: 00007ffd8bc164b2 / 0x00764b2: dc != a3 2d88.4da0: 00007ffd8bc164b3 / 0x00764b3: 48 != a1 2d88.4da0: 00007ffd8bc164b4 / 0x00764b4: 83 != 02 2d88.4da0: 00007ffd8bc164b5 / 0x00764b5: ec != cc 2d88.4da0: 00007ffd8bc164b6 / 0x00764b6: 68 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc15000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bc17ea0 / 0x0077ea0: 48 != e9 2d88.4da0: 00007ffd8bc17ea1 / 0x0077ea1: 89 != 1f 2d88.4da0: 00007ffd8bc17ea2 / 0x0077ea2: 5c != 8a 2d88.4da0: 00007ffd8bc17ea3 / 0x0077ea3: 24 != a1 2d88.4da0: 00007ffd8bc17ea4 / 0x0077ea4: 08 != 02 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc17000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bc19400 / 0x0079400: 45 != e9 2d88.4da0: 00007ffd8bc19401 / 0x0079401: 33 != f2 2d88.4da0: 00007ffd8bc19402 / 0x0079402: c0 != 74 2d88.4da0: 00007ffd8bc19403 / 0x0079403: 33 != a1 2d88.4da0: 00007ffd8bc19404 / 0x0079404: d2 != 02 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc19000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bc1be70 / 0x007be70: 48 != e9 2d88.4da0: 00007ffd8bc1be71 / 0x007be71: 89 != b3 2d88.4da0: 00007ffd8bc1be72 / 0x007be72: 5c != 4c 2d88.4da0: 00007ffd8bc1be73 / 0x007be73: 24 != a1 2d88.4da0: 00007ffd8bc1be74 / 0x007be74: 08 != 02 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc1b000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bc9ddb0 / 0x00fddb0: 48 != e9 2d88.4da0: 00007ffd8bc9ddb1 / 0x00fddb1: 83 != b0 2d88.4da0: 00007ffd8bc9ddb2 / 0x00fddb2: ec != 23 2d88.4da0: 00007ffd8bc9ddb3 / 0x00fddb3: 38 != 99 2d88.4da0: 00007ffd8bc9ddb4 / 0x00fddb4: b8 != 02 2d88.4da0: 00007ffd8bc9ddb5 / 0x00fddb5: 03 != cc 2d88.4da0: 00007ffd8bc9ddb6 / 0x00fddb6: 00 != cc 2d88.4da0: 00007ffd8bc9ddb7 / 0x00fddb7: 00 != cc 2d88.4da0: 00007ffd8bc9ddb8 / 0x00fddb8: 00 != cc 2d88.4da0: 00007ffd8bc9dde0 / 0x00fdde0: 48 != e9 2d88.4da0: 00007ffd8bc9dde1 / 0x00fdde1: 83 != 1a 2d88.4da0: 00007ffd8bc9dde2 / 0x00fdde2: ec != 23 2d88.4da0: 00007ffd8bc9dde3 / 0x00fdde3: 38 != 99 2d88.4da0: 00007ffd8bc9dde4 / 0x00fdde4: 33 != 02 2d88.4da0: 00007ffd8bc9dde5 / 0x00fdde5: c0 != cc 2d88.4da0: 00007ffd8bc9de60 / 0x00fde60: 48 != e9 2d88.4da0: 00007ffd8bc9de61 / 0x00fde61: 83 != cd 2d88.4da0: 00007ffd8bc9de62 / 0x00fde62: ec != 22 2d88.4da0: 00007ffd8bc9de63 / 0x00fde63: 38 != 99 2d88.4da0: 00007ffd8bc9de64 / 0x00fde64: 33 != 02 2d88.4da0: 00007ffd8bc9de65 / 0x00fde65: c0 != cc 2d88.4da0: 00007ffd8bc9e2e0 / 0x00fe2e0: 40 != e9 2d88.4da0: 00007ffd8bc9e2e1 / 0x00fe2e1: 53 != 45 2d88.4da0: 00007ffd8bc9e2e2 / 0x00fe2e2: 48 != 26 2d88.4da0: 00007ffd8bc9e2e3 / 0x00fe2e3: 81 != 99 2d88.4da0: 00007ffd8bc9e2e4 / 0x00fe2e4: ec != 02 2d88.4da0: 00007ffd8bc9e2e5 / 0x00fe2e5: 90 != cc 2d88.4da0: 00007ffd8bc9e2e6 / 0x00fe2e6: 00 != cc 2d88.4da0: 00007ffd8bc9e2e7 / 0x00fe2e7: 00 != cc 2d88.4da0: 00007ffd8bc9e2e8 / 0x00fe2e8: 00 != cc 2d88.4da0: 00007ffd8bc9ec90 / 0x00fec90: 40 != e9 2d88.4da0: 00007ffd8bc9ec91 / 0x00fec91: 53 != 04 2d88.4da0: 00007ffd8bc9ec92 / 0x00fec92: 48 != 14 2d88.4da0: 00007ffd8bc9ec93 / 0x00fec93: 83 != 99 2d88.4da0: 00007ffd8bc9ec94 / 0x00fec94: ec != 02 2d88.4da0: 00007ffd8bc9ec95 / 0x00fec95: 30 != cc 2d88.4da0: 00007ffd8bc9eed0 / 0x00feed0: 40 != e9 2d88.4da0: 00007ffd8bc9eed1 / 0x00feed1: 53 != f7 2d88.4da0: 00007ffd8bc9eed2 / 0x00feed2: 48 != 11 2d88.4da0: 00007ffd8bc9eed3 / 0x00feed3: 83 != 99 2d88.4da0: 00007ffd8bc9eed4 / 0x00feed4: ec != 02 2d88.4da0: 00007ffd8bc9eed5 / 0x00feed5: 30 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc9d000 2d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory: 2d88.4da0: 00007ffd8bca6ff0 / 0x0106ff0: 4c != e9 2d88.4da0: 00007ffd8bca6ff1 / 0x0106ff1: 8b != a1 2d88.4da0: 00007ffd8bca6ff2 / 0x0106ff2: dc != 93 2d88.4da0: 00007ffd8bca6ff3 / 0x0106ff3: 48 != 98 2d88.4da0: 00007ffd8bca6ff4 / 0x0106ff4: 83 != 02 2d88.4da0: 00007ffd8bca6ff5 / 0x0106ff5: ec != cc 2d88.4da0: 00007ffd8bca6ff6 / 0x0106ff6: 48 != cc 2d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bca5000 2d88.4da0: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=28 2d88.4da0: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202 2d88.4da0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports 2d88.4da0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe) 2d88.4da0: supR3HardNtEnableThreadCreationEx: 2d88.4da0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd8e4a4930 pvNtTerminateThread=00007ffd8e4cd070 2d88.4da0: supR3HardenedWinDoReSpawn(1): New child 2134.3aa8 [kernel32]. 2d88.4da0: supR3HardNtChildGatherData: PebBaseAddress=0000000001185000 cbPeb=0x388 2d88.4da0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffd8e430000 uNtDllChildAddr=00007ffd8e430000 2d88.4da0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffd8e4a4930 2d88.4da0: supR3HardenedWinSetupChildInit: Initial context: rax=0000000000000000 rbx=0000000000000000 rcx=00007ff6d0f97900 rdx=0000000001185000 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000 rip=00007ffd8e47d220 rsp=00000000012ff938 rbp=0000000000000000 ctxflags=0010001b cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000 2d88.4da0: supR3HardenedWinSetupChildInit: Start child. 2d88.4da0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms. 2d88.4da0: supR3HardNtChildPurify: Startup delay kludge #1/0: 259 ms, 17 sleeps 2d88.4da0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 2d88.4da0: *0000000000000000-0000000000efffff 0x0001/0x0000 0x0000000 2d88.4da0: *0000000000f00000-0000000000f1ffff 0x0004/0x0004 0x0020000 2d88.4da0: *0000000000f20000-0000000000f3cfff 0x0002/0x0002 0x0040000 2d88.4da0: 0000000000f3d000-0000000000f3ffff 0x0001/0x0000 0x0000000 2d88.4da0: *0000000000f40000-0000000000f43fff 0x0002/0x0002 0x0040000 2d88.4da0: 0000000000f44000-0000000000f4ffff 0x0001/0x0000 0x0000000 2d88.4da0: *0000000000f50000-0000000000f51fff 0x0004/0x0004 0x0020000 2d88.4da0: 0000000000f52000-0000000000ffffff 0x0001/0x0000 0x0000000 2d88.4da0: *0000000001000000-0000000001184fff 0x0000/0x0004 0x0020000 2d88.4da0: 0000000001185000-0000000001187fff 0x0004/0x0004 0x0020000 2d88.4da0: 0000000001188000-00000000011fffff 0x0000/0x0004 0x0020000 2d88.4da0: *0000000001200000-00000000012fafff 0x0000/0x0004 0x0020000 2d88.4da0: 00000000012fb000-00000000012fdfff 0x0104/0x0004 0x0020000 2d88.4da0: 00000000012fe000-00000000012fffff 0x0004/0x0004 0x0020000 2d88.4da0: 0000000001300000-000000007ffdffff 0x0001/0x0000 0x0000000 2d88.4da0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 2d88.4da0: 000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000 2d88.4da0: *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000 2d88.4da0: 000000007fff0000-00007ff5f309ffff 0x0001/0x0000 0x0000000 2d88.4da0: *00007ff5f30a0000-00007ff5f30a0fff 0x0020/0x0004 0x0020000 !! 2d88.4da0: supHardNtVpFreeOrReplacePrivateExecMemory: Freeing exec mem at 00007ff5f30a0000 (LB 0x1000, 00007ff5f30a0000 LB 0x1000) 2d88.4da0: 000000000182d090/0000: 16 00 20 00 00 00 00 00-10 00 0a f3 f5 7f 00 00 .. ............. 000000000182d0a0/0010: 61 00 74 00 63 00 75 00-66 00 36 00 34 00 2e 00 a.t.c.u.f.6.4... 000000000182d0b0/0020: 64 00 6c 00 6c 00 00 00-00 00 00 00 00 00 00 00 d.l.l........... 000000000182d0c0/0030: 43 00 3a 00 5c 00 50 00-72 00 6f 00 67 00 72 00 C.:.\.P.r.o.g.r. 000000000182d0d0/0040: 61 00 6d 00 20 00 46 00-69 00 6c 00 65 00 73 00 a.m. .F.i.l.e.s. 000000000182d0e0/0050: 5c 00 42 00 69 00 74 00-64 00 65 00 66 00 65 00 \.B.i.t.d.e.f.e. 000000000182d0f0/0060: 6e 00 64 00 65 00 72 00-5c 00 42 00 69 00 74 00 n.d.e.r.\.B.i.t. 000000000182d100/0070: 64 00 65 00 66 00 65 00-6e 00 64 00 65 00 72 00 d.e.f.e.n.d.e.r. 000000000182d110/0080: 20 00 53 00 65 00 63 00-75 00 72 00 69 00 74 00 .S.e.c.u.r.i.t. 000000000182d120/0090: 79 00 5c 00 61 00 74 00-63 00 75 00 66 00 5c 00 y.\.a.t.c.u.f.\. 000000000182d130/00a0: 32 00 36 00 35 00 31 00-33 00 34 00 36 00 39 00 2.6.5.1.3.4.6.9. 000000000182d140/00b0: 38 00 35 00 34 00 39 00-38 00 33 00 39 00 39 00 8.5.4.9.8.3.9.9. 000000000182d150/00c0: 36 00 34 00 5c 00 00 00-00 00 00 00 00 00 00 00 6.4.\........... 000000000182d160/00d0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ 000000000182d170/00e0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ 000000000182d180/00f0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ 2d88.4da0: 000000000182d490/0000: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ **************** **** 000000000182d4c0/0030: 16 00 20 00 00 00 00 00-40 04 0a f3 f5 7f 00 00 .. .....@....... 000000000182d4d0/0040: 62 00 64 00 68 00 6b 00-6d 00 36 00 34 00 2e 00 b.d.h.k.m.6.4... 000000000182d4e0/0050: 64 00 6c 00 6c 00 00 00-00 00 00 00 00 00 00 00 d.l.l........... 000000000182d4f0/0060: 43 00 3a 00 5c 00 50 00-72 00 6f 00 67 00 72 00 C.:.\.P.r.o.g.r. 000000000182d500/0070: 61 00 6d 00 20 00 46 00-69 00 6c 00 65 00 73 00 a.m. .F.i.l.e.s. 000000000182d510/0080: 5c 00 42 00 69 00 74 00-64 00 65 00 66 00 65 00 \.B.i.t.d.e.f.e. 000000000182d520/0090: 6e 00 64 00 65 00 72 00-5c 00 42 00 69 00 74 00 n.d.e.r.\.B.i.t. 000000000182d530/00a0: 64 00 65 00 66 00 65 00-6e 00 64 00 65 00 72 00 d.e.f.e.n.d.e.r. 000000000182d540/00b0: 20 00 53 00 65 00 63 00-75 00 72 00 69 00 74 00 .S.e.c.u.r.i.t. 000000000182d550/00c0: 79 00 5c 00 62 00 64 00-68 00 6b 00 6d 00 5c 00 y.\.b.d.h.k.m.\. 000000000182d560/00d0: 32 00 36 00 35 00 31 00-33 00 34 00 36 00 39 00 2.6.5.1.3.4.6.9. 000000000182d570/00e0: 38 00 39 00 36 00 35 00-38 00 35 00 32 00 32 00 8.9.6.5.8.5.2.2. 000000000182d580/00f0: 39 00 37 00 5c 00 00 00-00 00 00 00 00 00 00 00 9.7.\........... 2d88.4da0: 000000000182d890/0000: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ **************** **** 000000000182d8f0/0060: 60 46 46 8e fd 7f 00 00-10 d0 4c 8e fd 7f 00 00 `FF.......L..... 000000000182d900/0070: 48 89 5c 24 10 56 57 41-56 48 81 ec d0 00 00 00 H.\$.VWAVH...... 000000000182d910/0080: 48 83 ec 38 56 57 51 52-41 50 41 51 48 83 ec 40 H..8VWQRAPAQH..@ 000000000182d920/0090: 48 b9 ff ff ff ff ff ff-ff ff 48 8b 15 bf ff ff H.........H..... 000000000182d930/00a0: ff 48 89 54 24 38 48 8d-54 24 38 48 c7 44 24 28 .H.T$8H.T$8H.D$( 000000000182d940/00b0: 10 00 00 00 4c 8d 44 24-28 49 c7 c1 04 00 00 00 ....L.D$(I...... 000000000182d950/00c0: 48 8d 7c 24 30 48 89 7c-24 20 48 8b 05 97 ff ff H.|$0H.|$ H..... 000000000182d960/00d0: ff ff d0 85 c0 0f 88 00-01 00 00 48 8d 35 8e ff ...........H.5.. 000000000182d970/00e0: ff ff 48 8b 3d 77 ff ff-ff 48 c7 c1 10 00 00 00 ..H.=w...H...... 000000000182d980/00f0: fc f3 a4 48 b9 ff ff ff-ff ff ff ff ff 48 8b 15 ...H.........H.. 2d88.4da0: 000000000182d990/0000: 5c ff ff ff 48 89 54 24-38 48 8d 54 24 38 48 c7 \...H.T$8H.T$8H. 000000000182d9a0/0010: 44 24 28 10 00 00 00 4c-8d 44 24 28 4c 8b 4c 24 D$(....L.D$(L.L$ 000000000182d9b0/0020: 30 48 8d 7c 24 30 48 89-7c 24 20 48 8b 05 36 ff 0H.|$0H.|$ H..6. 000000000182d9c0/0030: ff ff ff d0 85 c0 0f 88-9f 00 00 00 48 83 c4 40 ............H..@ 000000000182d9d0/0040: 41 59 41 58 5a 59 5f 5e-48 8b 05 11 ff ff ff 48 AYAXZY_^H......H 000000000182d9e0/0050: 83 ec 20 ff d0 48 83 c4-20 85 c0 0f 88 86 00 00 .. ..H.. ....... 000000000182d9f0/0060: 00 65 48 8b 0c 25 60 00-00 00 ba 00 01 00 02 85 .eH..%`......... 000000000182da00/0070: 91 bc 00 00 00 75 70 48-8d 0d e2 fa ff ff 48 c7 .....upH......H. 000000000182da10/0080: c2 00 00 00 00 4c 8d 05-a4 fa ff ff 4c 8d 4c 24 .....L......L.L$ 000000000182da20/0090: 20 48 8b 05 c8 fe ff ff-48 83 ec 20 ff d0 48 83 H......H.. ..H. 000000000182da30/00a0: c4 20 85 c0 74 05 48 31-c0 eb 3c 48 8d 0d 7e f6 . ..t.H1.. 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001: [calling] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8bba0000 LB 0x002c9000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0] 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8d780000 LB 0x000bd000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8d780000 'C:\WINDOWS\System32\KERNEL32.DLL' 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ff6d0f90000 LB 0x00118000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0] 2134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202 2134.3aa8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 2134.3aa8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd8e4a4930 pvNtTerminateThread=00007ffd8e4cd070 2d88.4da0: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 94 ms. 2134.3aa8: \SystemRoot\System32\ntdll.dll: 2134.3aa8: CreationTime: 2021-02-10T08:58:42.901506300Z 2134.3aa8: LastWriteTime: 2021-02-10T08:58:42.938596800Z 2134.3aa8: ChangeTime: 2021-02-10T09:05:05.536104000Z 2134.3aa8: FileAttributes: 0x20 2134.3aa8: Size: 0x1ee738 2134.3aa8: NT Headers: 0xe8 2134.3aa8: Timestamp: 0x4544b4a1 2134.3aa8: Machine: 0x8664 - amd64 2134.3aa8: Timestamp: 0x4544b4a1 2134.3aa8: Image Version: 10.0 2134.3aa8: SizeOfImage: 0x1f6000 (2056192) 2134.3aa8: Resource Dir: 0x185000 LB 0x6fd28 2134.3aa8: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 2134.3aa8: [Raw version resource data: 0x1850f0 LB 0x380, codepage 0x0 (reserved 0x0)] 2134.3aa8: ProductName: Microsoft® Windows® Operating System 2134.3aa8: ProductVersion: 10.0.19041.804 2134.3aa8: FileVersion: 10.0.19041.804 (WinBuild.160101.0800) 2134.3aa8: FileDescription: NT Layer DLL 2134.3aa8: \SystemRoot\System32\kernel32.dll: 2134.3aa8: CreationTime: 2021-02-10T08:58:25.426714300Z 2134.3aa8: LastWriteTime: 2021-02-10T08:58:25.442671300Z 2134.3aa8: ChangeTime: 2021-02-10T09:04:58.116182100Z 2134.3aa8: FileAttributes: 0x20 2134.3aa8: Size: 0xbac30 2134.3aa8: NT Headers: 0xe8 2134.3aa8: Timestamp: 0xd714134a 2134.3aa8: Machine: 0x8664 - amd64 2134.3aa8: Timestamp: 0xd714134a 2134.3aa8: Image Version: 10.0 2134.3aa8: SizeOfImage: 0xbd000 (774144) 2134.3aa8: Resource Dir: 0xbb000 LB 0x520 2134.3aa8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 2134.3aa8: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] 2134.3aa8: ProductName: Microsoft® Windows® Operating System 2134.3aa8: ProductVersion: 10.0.19041.804 2134.3aa8: FileVersion: 10.0.19041.804 (WinBuild.160101.0800) 2134.3aa8: FileDescription: Windows NT BASE API Client DLL 2134.3aa8: \SystemRoot\System32\KernelBase.dll: 2134.3aa8: CreationTime: 2021-02-10T08:58:43.707640700Z 2134.3aa8: LastWriteTime: 2021-02-10T08:58:43.772474700Z 2134.3aa8: ChangeTime: 2021-02-10T09:05:03.762498300Z 2134.3aa8: FileAttributes: 0x20 2134.3aa8: Size: 0x2c9798 2134.3aa8: NT Headers: 0xf0 2134.3aa8: Timestamp: 0xe9c5eae 2134.3aa8: Machine: 0x8664 - amd64 2134.3aa8: Timestamp: 0xe9c5eae 2134.3aa8: Image Version: 10.0 2134.3aa8: SizeOfImage: 0x2c9000 (2920448) 2134.3aa8: Resource Dir: 0x2a0000 LB 0x548 2134.3aa8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 2134.3aa8: [Raw version resource data: 0x2a00b0 LB 0x3bc, codepage 0x0 (reserved 0x0)] 2134.3aa8: ProductName: Microsoft® Windows® Operating System 2134.3aa8: ProductVersion: 10.0.19041.804 2134.3aa8: FileVersion: 10.0.19041.804 (WinBuild.160101.0800) 2134.3aa8: FileDescription: Windows NT BASE API Client DLL 2134.3aa8: \SystemRoot\System32\apisetschema.dll: 2134.3aa8: CreationTime: 2019-12-07T09:08:13.518339400Z 2134.3aa8: LastWriteTime: 2019-12-07T09:08:13.518339400Z 2134.3aa8: ChangeTime: 2021-02-10T08:59:44.500161100Z 2134.3aa8: FileAttributes: 0x20 2134.3aa8: Size: 0x1f538 2134.3aa8: NT Headers: 0xd0 2134.3aa8: Timestamp: 0x31288ce0 2134.3aa8: Machine: 0x8664 - amd64 2134.3aa8: Timestamp: 0x31288ce0 2134.3aa8: Image Version: 10.0 2134.3aa8: SizeOfImage: 0x20000 (131072) 2134.3aa8: Resource Dir: 0x1f000 LB 0x408 2134.3aa8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 2134.3aa8: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)] 2134.3aa8: ProductName: Microsoft® Windows® Operating System 2134.3aa8: ProductVersion: 10.0.19041.1 2134.3aa8: FileVersion: 10.0.19041.1 (WinBuild.160101.0800) 2134.3aa8: FileDescription: ApiSet Schema DLL 2134.3aa8: NtOpenDirectoryObject failed on \Driver: 0xc0000022 2134.3aa8: supR3HardenedWinFindAdversaries: 0x0 2134.3aa8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' 2134.3aa8: Calling main() 2134.3aa8: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2 2134.3aa8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' 2134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202 2134.3aa8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe) 2134.3aa8: SUPR3HardenedMain: Respawn #2 2134.3aa8: supR3HardNtEnableThreadCreationEx: 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8ca80000 LB 0x0012b000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0] 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8cbb0000 LB 0x0009c000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll 2134.3aa8: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8e430000 'C:\WINDOWS\System32\ntdll.dll' 2134.3aa8: Error -104 in supR3HardenedWinReSpawn! (enmWhat=5) 2134.3aa8: Error relaunching VirtualBox VM process: 5 Command line: '60eaff78-4bdd-042d-2e72-669728efd737-suplib-3rdchild --comment test2 --startvm 3abffdad-344a-4006-8067-7a840fdce9e3 --no-startvm-errormsgbox "--sup-hardening-log=E:\Virtual Boxes\test2\Logs\VBoxHardening.log"' 2134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll: Signature #1/2: info status: 24202 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #49 'gdi32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'user32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #51 'combase.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll: Signature #1/2: info status: 24202 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll: Signature #1/2: info status: 24202 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll: Signature #1/2: info status: 24202 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 2134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 2134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll: Signature #1/2: info status: 24202 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll: Signature #1/2: info status: 24202 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008] 2134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll: Signature #1/2: info status: 24202 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'glu32.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\opengl32.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\opengl32.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\glu32.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\glu32.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'win32u.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mpr.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mpr.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #72 'user32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #74 'gdi32.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 2134.3aa8: '\Device\HarddiskVolume3\Windows\System32\win32u.dll' has no imports 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\win32u.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\win32u.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01: [calling] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c980000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c5f0000 LB 0x000ac000 C:\WINDOWS\System32\ADVAPI32.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8bb70000 LB 0x00022000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c1e0000 LB 0x00100000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0] 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ucrtbase.dll 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c3f0000 LB 0x0009d000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c2e0000 LB 0x0010b000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32full.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32full.dll 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c560000 LB 0x0002a000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8cfe0000 LB 0x001a0000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8cc50000 LB 0x00356000 C:\WINDOWS\System32\combase.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd68750000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd68780000 LB 0x00125000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 000000006a1f0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 0000000069670000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8d6a0000 LB 0x0006b000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd2d230000 LB 0x005e1000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8d920000 LB 0x00742000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c6a0000 LB 0x0012a000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd6af20000 LB 0x0001d000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 0000000069c80000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd2cc30000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 0000000069710000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c490000 LB 0x000cd000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd2d820000 LB 0x02317000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 0000000069460000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd85be0000 LB 0x00027000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd49ec0000 LB 0x001c8000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-synch-l1-2-0' 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-fibers-l1-1-1' 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-fibers-l1-1-1' 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-synch-l1-2-0' 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-localization-l1-2-1' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8d780000 'C:\WINDOWS\System32\kernel32.dll' 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-string-l1-1-0' 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-datetime-l1-1-1' 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-localization-obsolete-l1-2-0' 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'win32u.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8cfb0000 LB 0x00030000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8cfb0000 'C:\WINDOWS\system32\IMM32.DLL' 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\System32\edgegdi.dll': 0 (NtPath=\??\C:\WINDOWS\System32\edgegdi.dll; Input=edgegdi.dll; rcNtGetDll=0xc0000135 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\System32\edgegdi.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8c5f0000 'C:\WINDOWS\System32\ADVAPI32.DLL' 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8b4d0000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c160000 LB 0x00080000 C:\WINDOWS\System32\bcryptPrimitives.dll [fFlags=0x0] 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd49ec0000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll' 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'wldp.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\windows.storage.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\windows.storage.dll 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wldp.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wldp.dll 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8b5d0000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\Wldp.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wldp.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd89ab0000 LB 0x00790000 C:\WINDOWS\SYSTEM32\windows.storage.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\windows.storage.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8e080000 LB 0x000ae000 C:\WINDOWS\System32\SHCORE.dll [fFlags=0x0] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'combase.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8ca20000 LB 0x00055000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldp.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldp.dll' -> '\Device\HarddiskVolume3\Windows\System32\wldp.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wldp.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8d780000 'C:\WINDOWS\System32\kernel32.dll' 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8baa0000 LB 0x00026000 C:\WINDOWS\SYSTEM32\profapi.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust] 2134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll: Signature #1/2: info status: 24202 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd2cb00000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2cb00000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll' 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8a490000 LB 0x00012000 C:\WINDOWS\SYSTEM32\kernel.appcore.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd89350000 LB 0x0009e000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd89350000 'C:\WINDOWS\system32\uxtheme.dll' 2134.3aa8: \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksbas_x64.dll: Signature #1/3: VERR_CR_X509_CPV_NO_TRUSTED_PATHS (-23021) w/ timestamp=0x5f3bd8a2/link. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksbas_x64.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksbas_x64.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=c:\program files (x86)\trusteer\rapport\bin\x64\rooksbas_x64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksbas_x64.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd52b90000 LB 0x001d0000 c:\program files (x86)\trusteer\rapport\bin\x64\rooksbas_x64.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksbas_x64.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-synch-l1-2-0' 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-fibers-l1-1-1' 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-synch-l1-2-0' 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-fibers-l1-1-1' 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-localization-l1-2-1' 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-sysinfo-l1-2-1) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-sysinfo-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-sysinfo-l1-2-1' 2134.3aa8: '\Device\HarddiskVolume3\Windows\System32\tzres.dll' has no imports 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\tzres.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\tzres.dll 2134.3aa8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000378 (hFile=0000000000000370) with 0xc0000022 -> STATUS_TRUST_FAILURE 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\tzres.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000370 (hFile=0000000000000378) with 0xc0000022 -> STATUS_TRUST_FAILURE 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd52b90000 'c:\program files (x86)\trusteer\rapport\bin\x64\rooksbas_x64.dll' 2134.3220: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3220: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8ca80000 'C:\WINDOWS\System32\rpcrt4.dll' 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8cfe0000 'C:\WINDOWS\system32\user32.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8d920000 'C:\WINDOWS\system32\shell32.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8e080000 'C:\WINDOWS\system32\SHCore.dll' 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\wintab32.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd85be0000 'C:\WINDOWS\system32\winmm.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd85be0000 'C:\WINDOWS\system32\winmm.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8d920000 'C:\WINDOWS\system32\shell32.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd89350000 'C:\WINDOWS\system32\uxtheme.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8c560000 'C:\WINDOWS\system32\gdi32.dll' 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8e270000 LB 0x00115000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'oleaut32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'user32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'imm32.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8d5f0000 LB 0x000a9000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'd3d11.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'dcomp.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\DataExchange.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DataExchange.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume3\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp_win.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dcomp.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dcomp.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume3\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'dxgi.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'win32u.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\d3d11.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\d3d11.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dxgi.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dxgi.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dcomp.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8a5d0000 LB 0x000f3000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd87890000 LB 0x00264000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd88680000 LB 0x001e7000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dcomp.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd52aa0000 LB 0x0003e000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8c560000 'C:\WINDOWS\System32\gdi32.dll' 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd52aa0000 'C:\WINDOWS\system32\dataexchange.dll' 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'combase.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'msvcp_win.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd85fa0000 LB 0x00201000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmmbase.dll) 2134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmmbase.dll 2134.499c: supR3HardenedDllNotificationCallback: load 00007ffd6c2f0000 LB 0x00026000 C:\WINDOWS\SYSTEM32\winmmbase.dll [fFlags=0x0] 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'oleaut32.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'coreuicomponents.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'coremessaging.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'rpcrt4.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #48 'shcore.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'ws2_32.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntmarta.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntmarta.dll 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcryptprimitives.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinTypes.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinTypes.dll 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8a8b0000 LB 0x00033000 C:\WINDOWS\SYSTEM32\ntmarta.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntmarta.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd88f50000 LB 0x000f2000 C:\WINDOWS\System32\CoreMessaging.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd88520000 LB 0x00154000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTypes.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd88bf0000 LB 0x0035e000 C:\WINDOWS\System32\CoreUIComponents.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd79df0000 LB 0x000fb000 C:\WINDOWS\SYSTEM32\textinputframework.dll [fFlags=0x0] 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8cfe0000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll' 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8cfe0000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll' 2134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8cc50000 'api-ms-win-core-com-l1-1-0.dll' 2134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume3\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume3\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'. 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'devobj.dll'. 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll) 2134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'cfgmgr32.dll'. 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll) 2134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'cfgmgr32.dll'. 2134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll) 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'... 2134.499c: supR3HardenedDllNotificationCallback: load 00007ffd8c0e0000 LB 0x0004e000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008] 2134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll) 2134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll) 2134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll 2134.499c: supR3HardenedDllNotificationCallback: load 00007ffd8b910000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\DEVOBJ.dll [fFlags=0x0] 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'... 2134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll [lacks WinVerifyTrust] 2134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedDllNotificationCallback: load 00007ffd83860000 LB 0x00085000 C:\WINDOWS\SYSTEM32\MMDevAPI.DLL [fFlags=0x0] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 2134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8e270000 'C:\WINDOWS\System32\MSCTF.dll' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'. 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ksuser.dll'. 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'avrt.dll'. 2134.499c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\wdmaud.drv) 2134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wdmaud.drv 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008] 2134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\avrt.dll) 2134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\avrt.dll 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume3\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ksuser.dll) 2134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ksuser.dll 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedDllNotificationCallback: load 00007ffd824d0000 LB 0x00009000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0] 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedDllNotificationCallback: load 00007ffd85570000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0] 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedDllNotificationCallback: load 00007ffd74d60000 LB 0x00046000 C:\WINDOWS\System32\wdmaud.drv [fFlags=0x0] 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd83860000 'C:\WINDOWS\System32\MMDEVAPI.DLL' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv' 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'. 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'. 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'mmdevapi.dll'. 2134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\AudioSes.dll) 2134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\AudioSes.dll 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 2134.499c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'. 2134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\powrprof.dll) 2134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\powrprof.dll 2134.499c: supR3HardenedDllNotificationCallback: load 00007ffd8b580000 LB 0x0004b000 C:\WINDOWS\SYSTEM32\powrprof.dll [fFlags=0x0] 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\powrprof.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedDllNotificationCallback: load 00007ffd83920000 LB 0x00185000 C:\WINDOWS\System32\AUDIOSES.DLL [fFlags=0x0] 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 2134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\umpdc.dll) 2134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\umpdc.dll 2134.499c: supR3HardenedDllNotificationCallback: load 00007ffd8b560000 LB 0x00012000 C:\WINDOWS\SYSTEM32\UMPDC.dll [fFlags=0x0] 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\umpdc.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd83920000 'C:\WINDOWS\System32\AUDIOSES.DLL' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv' 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'mmdevapi.dll'. 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msacm32.dll'. 2134.499c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\msacm32.drv) 2134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.drv 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msacm32.dll) 2134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.dll 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedDllNotificationCallback: load 00007ffd7a330000 LB 0x0001e000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0] 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedDllNotificationCallback: load 00007ffd7a590000 LB 0x0000d000 C:\WINDOWS\System32\msacm32.drv [fFlags=0x0] 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv' 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 2134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'. 2134.499c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\midimap.dll) 2134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\midimap.dll 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 2134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 2134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedDllNotificationCallback: load 00007ffd7a1c0000 LB 0x0000b000 C:\WINDOWS\System32\midimap.dll [fFlags=0x0] 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a1c0000 'C:\WINDOWS\System32\midimap.dll' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a1c0000 'C:\WINDOWS\System32\midimap.dll' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a1c0000 'C:\WINDOWS\System32\midimap.dll' 2134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust] 2134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] 2134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a1c0000 'C:\WINDOWS\System32\midimap.dll' 2134.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 2134.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] 2134.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd83860000 'C:\WINDOWS\System32\MMDevApi.dll' 2d88.4da0: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 63160 ms, the end);