416c.4cc: Log file opened: 6.0.14r133895 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa047bb00 416c.4cc: \SystemRoot\System32\ntdll.dll: 416c.4cc: CreationTime: 2020-04-25T14:04:34.102606900Z 416c.4cc: LastWriteTime: 2020-04-25T14:04:34.149204200Z 416c.4cc: ChangeTime: 2020-08-12T01:15:51.432397900Z 416c.4cc: FileAttributes: 0x20 416c.4cc: Size: 0x1e8460 416c.4cc: NT Headers: 0xd8 416c.4cc: Timestamp: 0xb29ecf52 416c.4cc: Machine: 0x8664 - amd64 416c.4cc: Timestamp: 0xb29ecf52 416c.4cc: Image Version: 10.0 416c.4cc: SizeOfImage: 0x1f0000 (2031616) 416c.4cc: Resource Dir: 0x17f000 LB 0x6f310 416c.4cc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 416c.4cc: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)] 416c.4cc: ProductName: Microsoft® Windows® Operating System 416c.4cc: ProductVersion: 10.0.18362.815 416c.4cc: FileVersion: 10.0.18362.815 (WinBuild.160101.0800) 416c.4cc: FileDescription: NT Layer DLL 416c.4cc: \SystemRoot\System32\kernel32.dll: 416c.4cc: CreationTime: 2020-07-14T22:22:33.967872500Z 416c.4cc: LastWriteTime: 2020-07-14T22:22:33.988766200Z 416c.4cc: ChangeTime: 2020-08-12T01:15:50.259080500Z 416c.4cc: FileAttributes: 0x20 416c.4cc: Size: 0xb0498 416c.4cc: NT Headers: 0xe8 416c.4cc: Timestamp: 0xce6bbd73 416c.4cc: Machine: 0x8664 - amd64 416c.4cc: Timestamp: 0xce6bbd73 416c.4cc: Image Version: 10.0 416c.4cc: SizeOfImage: 0xb2000 (729088) 416c.4cc: Resource Dir: 0xb0000 LB 0x520 416c.4cc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 416c.4cc: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] 416c.4cc: ProductName: Microsoft® Windows® Operating System 416c.4cc: ProductVersion: 10.0.18362.959 416c.4cc: FileVersion: 10.0.18362.959 (WinBuild.160101.0800) 416c.4cc: FileDescription: Windows NT BASE API Client DLL 416c.4cc: \SystemRoot\System32\KernelBase.dll: 416c.4cc: CreationTime: 2020-08-12T01:14:30.017748800Z 416c.4cc: LastWriteTime: 2020-08-12T01:14:30.095769900Z 416c.4cc: ChangeTime: 2020-08-12T03:48:36.759556200Z 416c.4cc: FileAttributes: 0x20 416c.4cc: Size: 0x2a3868 416c.4cc: NT Headers: 0xf8 416c.4cc: Timestamp: 0x91b9349a 416c.4cc: Machine: 0x8664 - amd64 416c.4cc: Timestamp: 0x91b9349a 416c.4cc: Image Version: 10.0 416c.4cc: SizeOfImage: 0x2a4000 (2768896) 416c.4cc: Resource Dir: 0x27e000 LB 0x548 416c.4cc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 416c.4cc: [Raw version resource data: 0x27e0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)] 416c.4cc: ProductName: Microsoft® Windows® Operating System 416c.4cc: ProductVersion: 10.0.18362.997 416c.4cc: FileVersion: 10.0.18362.997 (WinBuild.160101.0800) 416c.4cc: FileDescription: Windows NT BASE API Client DLL 416c.4cc: \SystemRoot\System32\apisetschema.dll: 416c.4cc: CreationTime: 2019-03-19T04:43:54.837151500Z 416c.4cc: LastWriteTime: 2019-03-19T04:43:54.837151500Z 416c.4cc: ChangeTime: 2020-08-12T01:15:50.205068400Z 416c.4cc: FileAttributes: 0x20 416c.4cc: Size: 0x1d028 416c.4cc: NT Headers: 0xc8 416c.4cc: Timestamp: 0xd6ced080 416c.4cc: Machine: 0x8664 - amd64 416c.4cc: Timestamp: 0xd6ced080 416c.4cc: Image Version: 10.0 416c.4cc: SizeOfImage: 0x1e000 (122880) 416c.4cc: Resource Dir: 0x1d000 LB 0x408 416c.4cc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 416c.4cc: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)] 416c.4cc: ProductName: Microsoft® Windows® Operating System 416c.4cc: ProductVersion: 10.0.18362.1 416c.4cc: FileVersion: 10.0.18362.1 (WinBuild.160101.0800) 416c.4cc: FileDescription: ApiSet Schema DLL 416c.4cc: NtOpenDirectoryObject failed on \Driver: 0xc0000022 416c.4cc: supR3HardenedWinFindAdversaries: 0xa0 416c.4cc: \SystemRoot\System32\drivers\cfwids.sys: 416c.4cc: CreationTime: 2018-12-10T07:03:26.000000000Z 416c.4cc: LastWriteTime: 2020-04-09T14:15:22.000000000Z 416c.4cc: ChangeTime: 2020-07-03T23:00:27.346782600Z 416c.4cc: FileAttributes: 0x20 416c.4cc: Size: 0x127b8 416c.4cc: NT Headers: 0xf0 416c.4cc: Timestamp: 0x5e7a0da1 416c.4cc: Machine: 0x8664 - amd64 416c.4cc: Timestamp: 0x5e7a0da1 416c.4cc: Image Version: 0.0 416c.4cc: SizeOfImage: 0x14000 (81920) 416c.4cc: Resource Dir: 0x12000 LB 0x550 416c.4cc: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)] 416c.4cc: [Raw version resource data: 0x120a0 LB 0x318, codepage 0x0 (reserved 0x0)] 416c.4cc: ProductName: SYSCORE 416c.4cc: ProductVersion: 20.4.0.155 416c.4cc: FileVersion: SYSCORE.20.4.0.155 416c.4cc: PrivateBuild: SYSCORE.20.4.0.155 416c.4cc: FileDescription: McAfee Personal Firewall IDS Plugin 416c.4cc: \SystemRoot\System32\drivers\mfeavfk.sys: 416c.4cc: CreationTime: 2018-12-10T07:03:26.000000000Z 416c.4cc: LastWriteTime: 2020-04-09T14:15:22.000000000Z 416c.4cc: ChangeTime: 2020-07-03T23:00:22.931792200Z 416c.4cc: FileAttributes: 0x20 416c.4cc: Size: 0x5d5b8 416c.4cc: NT Headers: 0xe8 416c.4cc: Timestamp: 0x5e7a0d35 416c.4cc: Machine: 0x8664 - amd64 416c.4cc: Timestamp: 0x5e7a0d35 416c.4cc: Image Version: 0.0 416c.4cc: SizeOfImage: 0x5e000 (385024) 416c.4cc: Resource Dir: 0x5c000 LB 0x758 416c.4cc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 416c.4cc: [Raw version resource data: 0x5c110 LB 0x334, codepage 0x0 (reserved 0x0)] 416c.4cc: ProductName: SYSCORE 416c.4cc: ProductVersion: 20.4.0.155 416c.4cc: FileVersion: SYSCORE.20.4.0.155 416c.4cc: PrivateBuild: SYSCORE.20.4.0.155 F15,F16,F19 416c.4cc: FileDescription: Anti-Virus File System Filter Driver 416c.4cc: \SystemRoot\System32\drivers\mfefirek.sys: 416c.4cc: CreationTime: 2018-12-10T07:03:26.000000000Z 416c.4cc: LastWriteTime: 2020-04-09T14:15:22.000000000Z 416c.4cc: ChangeTime: 2020-07-03T23:00:20.962130100Z 416c.4cc: FileAttributes: 0x20 416c.4cc: Size: 0x7f5b0 416c.4cc: NT Headers: 0xe0 416c.4cc: Timestamp: 0x5e7a0d81 416c.4cc: Machine: 0x8664 - amd64 416c.4cc: Timestamp: 0x5e7a0d81 416c.4cc: Image Version: 0.0 416c.4cc: SizeOfImage: 0x81000 (528384) 416c.4cc: Resource Dir: 0x7d000 LB 0x388 416c.4cc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 416c.4cc: [Raw version resource data: 0x7d060 LB 0x328, codepage 0x0 (reserved 0x0)] 416c.4cc: ProductName: SYSCORE 416c.4cc: ProductVersion: 20.4.0.155 416c.4cc: FileVersion: SYSCORE.20.4.0.155 416c.4cc: PrivateBuild: SYSCORE.20.4.0.155 F17,F18 416c.4cc: FileDescription: McAfee Core Firewall Engine Driver 416c.4cc: \SystemRoot\System32\drivers\mfehidk.sys: 416c.4cc: CreationTime: 2018-12-10T07:03:26.000000000Z 416c.4cc: LastWriteTime: 2020-04-09T14:15:22.000000000Z 416c.4cc: ChangeTime: 2020-07-03T23:00:11.638981800Z 416c.4cc: FileAttributes: 0x20 416c.4cc: Size: 0xf45b0 416c.4cc: NT Headers: 0xf8 416c.4cc: Timestamp: 0x5e7a0d05 416c.4cc: Machine: 0x8664 - amd64 416c.4cc: Timestamp: 0x5e7a0d05 416c.4cc: Image Version: 0.0 416c.4cc: SizeOfImage: 0xfe000 (1040384) 416c.4cc: Resource Dir: 0xfa000 LB 0x758 416c.4cc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 416c.4cc: [Raw version resource data: 0xfa110 LB 0x320, codepage 0x0 (reserved 0x0)] 416c.4cc: ProductName: SYSCORE 416c.4cc: ProductVersion: 20.4.0.155 416c.4cc: FileVersion: SYSCORE.20.4.0.155 416c.4cc: PrivateBuild: SYSCORE.20.4.0.155 F14,F15,F16,F18,F20 416c.4cc: FileDescription: McAfee Link Driver 416c.4cc: \SystemRoot\System32\drivers\mfencbdc.sys: 416c.4cc: CreationTime: 2018-11-19T06:44:58.000000000Z 416c.4cc: LastWriteTime: 2020-05-01T07:55:06.000000000Z 416c.4cc: ChangeTime: 2020-07-03T23:03:36.104665700Z 416c.4cc: FileAttributes: 0x20 416c.4cc: Size: 0x91688 416c.4cc: NT Headers: 0xe0 416c.4cc: Timestamp: 0x5e4d96a0 416c.4cc: Machine: 0x8664 - amd64 416c.4cc: Timestamp: 0x5e4d96a0 416c.4cc: Image Version: 0.0 416c.4cc: SizeOfImage: 0x95000 (610304) 416c.4cc: Resource Dir: 0x93000 LB 0x458 416c.4cc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 416c.4cc: [Raw version resource data: 0x93060 LB 0x3f4, codepage 0x0 (reserved 0x0)] 416c.4cc: ProductName: Anti-Malware Core 416c.4cc: ProductVersion: 20.3.0 416c.4cc: FileVersion: Anti-Malware Core.20.3.0.108.x64 416c.4cc: PrivateBuild: Anti-Malware Core.20.3.0.108.x64 416c.4cc: FileDescription: Event Driver 416c.4cc: \SystemRoot\System32\drivers\mfewfpk.sys: 416c.4cc: CreationTime: 2018-12-10T07:03:26.000000000Z 416c.4cc: LastWriteTime: 2020-04-09T14:15:22.000000000Z 416c.4cc: ChangeTime: 2020-07-03T23:00:06.372118900Z 416c.4cc: FileAttributes: 0x20 416c.4cc: Size: 0x3d9b0 416c.4cc: NT Headers: 0xf0 416c.4cc: Timestamp: 0x5e7a0d11 416c.4cc: Machine: 0x8664 - amd64 416c.4cc: Timestamp: 0x5e7a0d11 416c.4cc: Image Version: 0.0 416c.4cc: SizeOfImage: 0x59000 (364544) 416c.4cc: Resource Dir: 0x57000 LB 0x380 416c.4cc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 416c.4cc: [Raw version resource data: 0x57060 LB 0x320, codepage 0x0 (reserved 0x0)] 416c.4cc: ProductName: SYSCORE 416c.4cc: ProductVersion: 20.4.0.155 416c.4cc: FileVersion: SYSCORE.20.4.0.155 416c.4cc: PrivateBuild: SYSCORE.20.4.0.155 F17,F18 416c.4cc: FileDescription: Anti-Virus Mini-Firewall Driver 416c.4cc: \SystemRoot\System32\drivers\MBAMSwissArmy.sys: 416c.4cc: CreationTime: 2020-05-28T00:36:55.568354000Z 416c.4cc: LastWriteTime: 2020-06-06T23:47:01.262970400Z 416c.4cc: ChangeTime: 2020-06-06T23:47:01.294977300Z 416c.4cc: FileAttributes: 0x20 416c.4cc: Size: 0x3cc88 416c.4cc: NT Headers: 0xf0 416c.4cc: Timestamp: 0x5dd55459 416c.4cc: Machine: 0x8664 - amd64 416c.4cc: Timestamp: 0x5dd55459 416c.4cc: Image Version: 10.0 416c.4cc: SizeOfImage: 0x3f000 (258048) 416c.4cc: Resource Dir: 0x3d000 LB 0x3b8 416c.4cc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 416c.4cc: [Raw version resource data: 0x3d060 LB 0x358, codepage 0x0 (reserved 0x0)] 416c.4cc: ProductName: Malwarebytes SwissArmy 416c.4cc: ProductVersion: 4.3.0.178 416c.4cc: FileVersion: 4.3.0.178 416c.4cc: FileDescription: Malwarebytes SwissArmy 416c.4cc: \SystemRoot\System32\drivers\mwac.sys: 416c.4cc: CreationTime: 2020-08-12T03:49:41.344382400Z 416c.4cc: LastWriteTime: 2020-08-12T03:49:41.344382400Z 416c.4cc: ChangeTime: 2020-08-12T03:49:41.391260900Z 416c.4cc: FileAttributes: 0x20 416c.4cc: Size: 0x200a0 416c.4cc: NT Headers: 0xe0 416c.4cc: Timestamp: 0x5ef0c401 416c.4cc: Machine: 0x8664 - amd64 416c.4cc: Timestamp: 0x5ef0c401 416c.4cc: Image Version: 10.0 416c.4cc: SizeOfImage: 0x22000 (139264) 416c.4cc: Resource Dir: 0x20000 LB 0x380 416c.4cc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 416c.4cc: [Raw version resource data: 0x20060 LB 0x320, codepage 0x0 (reserved 0x0)] 416c.4cc: ProductName: Malwarebytes Web Protection 416c.4cc: ProductVersion: 1.0.0.54 416c.4cc: FileVersion: 1.0.0.54 416c.4cc: FileDescription: Malwarebytes Web Protection 416c.4cc: \SystemRoot\System32\drivers\mbamchameleon.sys: 416c.4cc: CreationTime: 2020-02-07T23:46:25.185174900Z 416c.4cc: LastWriteTime: 2020-08-01T00:29:19.290572200Z 416c.4cc: ChangeTime: 2020-08-01T00:29:19.366589800Z 416c.4cc: FileAttributes: 0x20 416c.4cc: Size: 0x34bf8 416c.4cc: NT Headers: 0xf8 416c.4cc: Timestamp: 0x5ed916d3 416c.4cc: Machine: 0x8664 - amd64 416c.4cc: Timestamp: 0x5ed916d3 416c.4cc: Image Version: 10.0 416c.4cc: SizeOfImage: 0x38000 (229376) 416c.4cc: Resource Dir: 0x36000 LB 0x3b8 416c.4cc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 416c.4cc: [Raw version resource data: 0x36060 LB 0x358, codepage 0x0 (reserved 0x0)] 416c.4cc: ProductName: Malwarebytes Chameleon 416c.4cc: ProductVersion: 3.1.0.316 416c.4cc: FileVersion: 3.1.0.316 416c.4cc: FileDescription: Malwarebytes Chameleon 416c.4cc: \SystemRoot\System32\drivers\mbam.sys: 416c.4cc: CreationTime: 2020-08-12T03:49:46.516603500Z 416c.4cc: LastWriteTime: 2020-08-12T03:49:46.500977800Z 416c.4cc: ChangeTime: 2020-08-12T03:49:46.500977800Z 416c.4cc: FileAttributes: 0x20 416c.4cc: Size: 0x11e98 416c.4cc: NT Headers: 0xd8 416c.4cc: Timestamp: 0x5f04b5a9 416c.4cc: Machine: 0x8664 - amd64 416c.4cc: Timestamp: 0x5f04b5a9 416c.4cc: Image Version: 10.0 416c.4cc: SizeOfImage: 0x13000 (77824) 416c.4cc: Resource Dir: 0x11000 LB 0x3c0 416c.4cc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 416c.4cc: [Raw version resource data: 0x11060 LB 0x360, codepage 0x0 (reserved 0x0)] 416c.4cc: ProductName: Malwarebytes Real-Time Protection 416c.4cc: ProductVersion: 3.1.0.193 416c.4cc: FileVersion: 3.1.0.193 416c.4cc: FileDescription: Malwarebytes Real-Time Protection 416c.4cc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 416c.4cc: Calling main() 416c.4cc: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2 416c.4cc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 416c.4cc: SUPR3HardenedMain: Respawn #1 416c.4cc: System32: \Device\HarddiskVolume4\Windows\System32 416c.4cc: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS 416c.4cc: KnownDllPath: C:\WINDOWS\System32 416c.4cc: supR3HardenedWinInit: Performing a limited self purification... 416c.4cc: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION 416c.4cc: *0000000000000000-0000000000e1ffff 0x0001/0x0000 0x0000000 416c.4cc: *0000000000e20000-0000000000e2ffff 0x0004/0x0004 0x0040000 416c.4cc: 0000000000e30000-0000000000e3ffff 0x0001/0x0000 0x0000000 416c.4cc: *0000000000e40000-0000000000e5afff 0x0002/0x0002 0x0040000 416c.4cc: 0000000000e5b000-0000000000e5ffff 0x0001/0x0000 0x0000000 416c.4cc: *0000000000e60000-0000000000f10fff 0x0000/0x0004 0x0020000 416c.4cc: 0000000000f11000-0000000000f13fff 0x0104/0x0004 0x0020000 416c.4cc: 0000000000f14000-0000000000f5ffff 0x0004/0x0004 0x0020000 416c.4cc: *0000000000f60000-0000000000f63fff 0x0002/0x0002 0x0040000 416c.4cc: 0000000000f64000-0000000000f6ffff 0x0001/0x0000 0x0000000 416c.4cc: *0000000000f70000-0000000000f71fff 0x0004/0x0004 0x0020000 416c.4cc: 0000000000f72000-0000000000f7ffff 0x0001/0x0000 0x0000000 416c.4cc: *0000000000f80000-0000000000f81fff 0x0004/0x0004 0x0020000 416c.4cc: 0000000000f82000-0000000000fe1fff 0x0000/0x0004 0x0020000 416c.4cc: 0000000000fe2000-0000000000ffffff 0x0001/0x0000 0x0000000 416c.4cc: *0000000001000000-000000000116cfff 0x0000/0x0004 0x0020000 416c.4cc: 000000000116d000-000000000116ffff 0x0004/0x0004 0x0020000 416c.4cc: 0000000001170000-00000000011fffff 0x0000/0x0004 0x0020000 416c.4cc: *0000000001200000-00000000012c6fff 0x0002/0x0002 0x0040000 416c.4cc: 00000000012c7000-000000000130ffff 0x0001/0x0000 0x0000000 416c.4cc: *0000000001310000-0000000001314fff 0x0004/0x0004 0x0020000 416c.4cc: 0000000001315000-000000000140ffff 0x0000/0x0004 0x0020000 416c.4cc: 0000000001410000-00000000014cffff 0x0001/0x0000 0x0000000 416c.4cc: *00000000014d0000-00000000014defff 0x0004/0x0004 0x0020000 416c.4cc: 00000000014df000-00000000014dffff 0x0000/0x0004 0x0020000 416c.4cc: *00000000014e0000-00000000014e0fff 0x0000/0x0004 0x0020000 416c.4cc: 00000000014e1000-00000000016d1fff 0x0004/0x0004 0x0020000 416c.4cc: 00000000016d2000-00000000016d2fff 0x0000/0x0004 0x0020000 416c.4cc: 00000000016d3000-00000000016dffff 0x0001/0x0000 0x0000000 416c.4cc: *00000000016e0000-00000000016fcfff 0x0004/0x0004 0x0020000 416c.4cc: 00000000016fd000-00000000017dffff 0x0000/0x0004 0x0020000 416c.4cc: 00000000017e0000-000000007ffdffff 0x0001/0x0000 0x0000000 416c.4cc: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 416c.4cc: 000000007ffe1000-000000007ffe1fff 0x0001/0x0000 0x0000000 416c.4cc: *000000007ffe2000-000000007ffe2fff 0x0002/0x0002 0x0020000 416c.4cc: 000000007ffe3000-00007ff4c0b3ffff 0x0001/0x0000 0x0000000 416c.4cc: *00007ff4c0b40000-00007ff4c0b44fff 0x0002/0x0002 0x0040000 416c.4cc: 00007ff4c0b45000-00007ff4c0c3ffff 0x0000/0x0002 0x0040000 416c.4cc: *00007ff4c0c40000-00007ff5c0c5ffff 0x0000/0x0004 0x0020000 416c.4cc: *00007ff5c0c60000-00007ff5c2c5ffff 0x0000/0x0004 0x0020000 416c.4cc: 00007ff5c2c60000-00007ff5c2c60fff 0x0004/0x0004 0x0020000 416c.4cc: 00007ff5c2c61000-00007ff5c2c6ffff 0x0001/0x0000 0x0000000 416c.4cc: *00007ff5c2c70000-00007ff5c2c70fff 0x0002/0x0002 0x0040000 416c.4cc: 00007ff5c2c71000-00007ff5c2c7ffff 0x0001/0x0000 0x0000000 416c.4cc: *00007ff5c2c80000-00007ff5c2ca2fff 0x0002/0x0002 0x0040000 416c.4cc: 00007ff5c2ca3000-00007ff72e94ffff 0x0001/0x0000 0x0000000 416c.4cc: *00007ff72e950000-00007ff72e950fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72e951000-00007ff72e9c5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72e9c6000-00007ff72e9c6fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72e9c7000-00007ff72ea0efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea0f000-00007ff72ea11fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea12000-00007ff72ea14fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea15000-00007ff72ea17fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea18000-00007ff72ea18fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea19000-00007ff72ea1afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea1b000-00007ff72ea1bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea1c000-00007ff72ea64fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea65000-00007ffd7652ffff 0x0001/0x0000 0x0000000 416c.4cc: *00007ffd76530000-00007ffd76530fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll 416c.4cc: 00007ffd76531000-00007ffd76635fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll 416c.4cc: 00007ffd76636000-00007ffd76798fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll 416c.4cc: 00007ffd76799000-00007ffd7679cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll 416c.4cc: 00007ffd7679d000-00007ffd7679dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll 416c.4cc: 00007ffd7679e000-00007ffd767d3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll 416c.4cc: 00007ffd767d4000-00007ffd7869ffff 0x0001/0x0000 0x0000000 416c.4cc: *00007ffd786a0000-00007ffd786a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll 416c.4cc: 00007ffd786a1000-00007ffd78715fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll 416c.4cc: 00007ffd78716000-00007ffd78747fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll 416c.4cc: 00007ffd78748000-00007ffd78748fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll 416c.4cc: 00007ffd78749000-00007ffd78749fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll 416c.4cc: 00007ffd7874a000-00007ffd78751fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll 416c.4cc: 00007ffd78752000-00007ffd78a5ffff 0x0001/0x0000 0x0000000 416c.4cc: *00007ffd78a60000-00007ffd78a60fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78a61000-00007ffd78b77fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78b78000-00007ffd78bbefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78bbf000-00007ffd78bbffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78bc0000-00007ffd78bc1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78bc2000-00007ffd78bcafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78bcb000-00007ffd78c4ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78c50000-00007ffffffeffff 0x0001/0x0000 0x0000000 416c.4cc: kernel32.dll: timestamp 0xce6bbd73 (rc=VINF_SUCCESS) 416c.4cc: kernelbase.dll: timestamp 0x91b9349a (rc=VINF_SUCCESS) 416c.4cc: VirtualBoxVM.exe: timestamp 0x5d9f7c37 (rc=VINF_SUCCESS) 416c.4cc: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports 416c.4cc: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports 416c.4cc: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0 416c.4cc: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports 416c.4cc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe) 416c.4cc: supR3HardNtEnableThreadCreationEx: 416c.4cc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd78ad1770 pvNtTerminateThread=00007ffd78afcac0 416c.4cc: supR3HardenedWinDoReSpawn(1): New child a28.27b0 [kernel32]. 416c.4cc: supR3HardNtChildGatherData: PebBaseAddress=0000000000c15000 cbPeb=0x388 416c.4cc: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffd78a60000 uNtDllChildAddr=00007ffd78a60000 416c.4cc: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffd78ad1770 416c.4cc: supR3HardenedWinSetupChildInit: Start child. 416c.4cc: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. 416c.4cc: supR3HardNtChildPurify: Startup delay kludge #1/0: 516 ms, 61 sleeps 416c.4cc: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 416c.4cc: *0000000000000000-0000000000a9ffff 0x0001/0x0000 0x0000000 416c.4cc: *0000000000aa0000-0000000000abffff 0x0004/0x0004 0x0020000 416c.4cc: *0000000000ac0000-0000000000adafff 0x0002/0x0002 0x0040000 416c.4cc: 0000000000adb000-0000000000adffff 0x0001/0x0000 0x0000000 416c.4cc: *0000000000ae0000-0000000000bdafff 0x0000/0x0004 0x0020000 416c.4cc: 0000000000bdb000-0000000000bddfff 0x0104/0x0004 0x0020000 416c.4cc: 0000000000bde000-0000000000bdffff 0x0004/0x0004 0x0020000 416c.4cc: *0000000000be0000-0000000000be3fff 0x0002/0x0002 0x0040000 416c.4cc: 0000000000be4000-0000000000beffff 0x0001/0x0000 0x0000000 416c.4cc: *0000000000bf0000-0000000000bf1fff 0x0004/0x0004 0x0020000 416c.4cc: 0000000000bf2000-0000000000bfffff 0x0001/0x0000 0x0000000 416c.4cc: *0000000000c00000-0000000000c14fff 0x0000/0x0004 0x0020000 416c.4cc: 0000000000c15000-0000000000c17fff 0x0004/0x0004 0x0020000 416c.4cc: 0000000000c18000-0000000000dfffff 0x0000/0x0004 0x0020000 416c.4cc: 0000000000e00000-000000007ffdffff 0x0001/0x0000 0x0000000 416c.4cc: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 416c.4cc: 000000007ffe1000-000000007ffe1fff 0x0001/0x0000 0x0000000 416c.4cc: *000000007ffe2000-000000007ffe2fff 0x0002/0x0002 0x0020000 416c.4cc: 000000007ffe3000-00007ff5253cffff 0x0001/0x0000 0x0000000 416c.4cc: *00007ff5253d0000-00007ff5253d0fff 0x0002/0x0002 0x0040000 416c.4cc: 00007ff5253d1000-00007ff5253dffff 0x0001/0x0000 0x0000000 416c.4cc: *00007ff5253e0000-00007ff525402fff 0x0002/0x0002 0x0040000 416c.4cc: 00007ff525403000-00007ff72e94ffff 0x0001/0x0000 0x0000000 416c.4cc: *00007ff72e950000-00007ff72e950fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72e951000-00007ff72e9c5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72e9c6000-00007ff72e9c6fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72e9c7000-00007ff72ea0efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea0f000-00007ff72ea0ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea10000-00007ff72ea10fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea11000-00007ff72ea15fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea16000-00007ff72ea16fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea17000-00007ff72ea17fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea18000-00007ff72ea1bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea1c000-00007ff72ea64fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe 416c.4cc: 00007ff72ea65000-00007ffd78a5ffff 0x0001/0x0000 0x0000000 416c.4cc: *00007ffd78a60000-00007ffd78a60fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78a61000-00007ffd78b77fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78b78000-00007ffd78bbefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78bbf000-00007ffd78bcafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78bcb000-00007ffd78bd9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78bda000-00007ffd78bdafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78bdb000-00007ffd78bddfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78bde000-00007ffd78c4ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 416c.4cc: 00007ffd78c50000-00007ffffffeffff 0x0001/0x0000 0x0000000 416c.4cc: supR3HardNtChildPurify: Done after 522 ms and 0 fixes (loop #0). a28.27b0: Log file opened: 6.0.14r133895 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047bb00 a28.27b0: supR3HardenedVmProcessInit: uNtDllAddr=00007ffd78a60000 g_uNtVerCombined=0xa047bb00 416c.4cc: supR3HardNtEnableThreadCreationEx: a28.27b0: ntdll.dll: timestamp 0xb29ecf52 (rc=VINF_SUCCESS) a28.27b0: New simple heap: #1 0000000000f00000 LB 0x400000 (for 2031616 allocation) a28.27b0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' a28.27b0: System32: \Device\HarddiskVolume4\Windows\System32 a28.27b0: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS a28.27b0: KnownDllPath: C:\WINDOWS\System32 a28.27b0: supR3HardenedVmProcessInit: Opening vboxdrv stub... a28.27b0: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk... a28.27b0: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk... a28.27b0: Registered Dll notification callback with NTDLL. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001: [calling] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd76530000 LB 0x002a4000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0] a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd786a0000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd786a0000 'C:\WINDOWS\System32\KERNEL32.DLL' a28.27b0: supR3HardenedDllNotificationCallback: load 00007ff72e950000 LB 0x00115000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0] a28.27b0: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports a28.27b0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe a28.27b0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd78ad1770 pvNtTerminateThread=00007ffd78afcac0 416c.4cc: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 88 ms. a28.27b0: \SystemRoot\System32\ntdll.dll: a28.27b0: CreationTime: 2020-04-25T14:04:34.102606900Z a28.27b0: LastWriteTime: 2020-04-25T14:04:34.149204200Z a28.27b0: ChangeTime: 2020-08-12T01:15:51.432397900Z a28.27b0: FileAttributes: 0x20 a28.27b0: Size: 0x1e8460 a28.27b0: NT Headers: 0xd8 a28.27b0: Timestamp: 0xb29ecf52 a28.27b0: Machine: 0x8664 - amd64 a28.27b0: Timestamp: 0xb29ecf52 a28.27b0: Image Version: 10.0 a28.27b0: SizeOfImage: 0x1f0000 (2031616) a28.27b0: Resource Dir: 0x17f000 LB 0x6f310 a28.27b0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] a28.27b0: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)] a28.27b0: ProductName: Microsoft® Windows® Operating System a28.27b0: ProductVersion: 10.0.18362.815 a28.27b0: FileVersion: 10.0.18362.815 (WinBuild.160101.0800) a28.27b0: FileDescription: NT Layer DLL a28.27b0: \SystemRoot\System32\kernel32.dll: a28.27b0: CreationTime: 2020-07-14T22:22:33.967872500Z a28.27b0: LastWriteTime: 2020-07-14T22:22:33.988766200Z a28.27b0: ChangeTime: 2020-08-12T01:15:50.259080500Z a28.27b0: FileAttributes: 0x20 a28.27b0: Size: 0xb0498 a28.27b0: NT Headers: 0xe8 a28.27b0: Timestamp: 0xce6bbd73 a28.27b0: Machine: 0x8664 - amd64 a28.27b0: Timestamp: 0xce6bbd73 a28.27b0: Image Version: 10.0 a28.27b0: SizeOfImage: 0xb2000 (729088) a28.27b0: Resource Dir: 0xb0000 LB 0x520 a28.27b0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] a28.27b0: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] a28.27b0: ProductName: Microsoft® Windows® Operating System a28.27b0: ProductVersion: 10.0.18362.959 a28.27b0: FileVersion: 10.0.18362.959 (WinBuild.160101.0800) a28.27b0: FileDescription: Windows NT BASE API Client DLL a28.27b0: \SystemRoot\System32\KernelBase.dll: a28.27b0: CreationTime: 2020-08-12T01:14:30.017748800Z a28.27b0: LastWriteTime: 2020-08-12T01:14:30.095769900Z a28.27b0: ChangeTime: 2020-08-12T03:48:36.759556200Z a28.27b0: FileAttributes: 0x20 a28.27b0: Size: 0x2a3868 a28.27b0: NT Headers: 0xf8 a28.27b0: Timestamp: 0x91b9349a a28.27b0: Machine: 0x8664 - amd64 a28.27b0: Timestamp: 0x91b9349a a28.27b0: Image Version: 10.0 a28.27b0: SizeOfImage: 0x2a4000 (2768896) a28.27b0: Resource Dir: 0x27e000 LB 0x548 a28.27b0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] a28.27b0: [Raw version resource data: 0x27e0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)] a28.27b0: ProductName: Microsoft® Windows® Operating System a28.27b0: ProductVersion: 10.0.18362.997 a28.27b0: FileVersion: 10.0.18362.997 (WinBuild.160101.0800) a28.27b0: FileDescription: Windows NT BASE API Client DLL a28.27b0: \SystemRoot\System32\apisetschema.dll: a28.27b0: CreationTime: 2019-03-19T04:43:54.837151500Z a28.27b0: LastWriteTime: 2019-03-19T04:43:54.837151500Z a28.27b0: ChangeTime: 2020-08-12T01:15:50.205068400Z a28.27b0: FileAttributes: 0x20 a28.27b0: Size: 0x1d028 a28.27b0: NT Headers: 0xc8 a28.27b0: Timestamp: 0xd6ced080 a28.27b0: Machine: 0x8664 - amd64 a28.27b0: Timestamp: 0xd6ced080 a28.27b0: Image Version: 10.0 a28.27b0: SizeOfImage: 0x1e000 (122880) a28.27b0: Resource Dir: 0x1d000 LB 0x408 a28.27b0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] a28.27b0: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)] a28.27b0: ProductName: Microsoft® Windows® Operating System a28.27b0: ProductVersion: 10.0.18362.1 a28.27b0: FileVersion: 10.0.18362.1 (WinBuild.160101.0800) a28.27b0: FileDescription: ApiSet Schema DLL a28.27b0: NtOpenDirectoryObject failed on \Driver: 0xc0000022 a28.27b0: supR3HardenedWinFindAdversaries: 0xa0 a28.27b0: \SystemRoot\System32\drivers\cfwids.sys: a28.27b0: CreationTime: 2018-12-10T07:03:26.000000000Z a28.27b0: LastWriteTime: 2020-04-09T14:15:22.000000000Z a28.27b0: ChangeTime: 2020-07-03T23:00:27.346782600Z a28.27b0: FileAttributes: 0x20 a28.27b0: Size: 0x127b8 a28.27b0: NT Headers: 0xf0 a28.27b0: Timestamp: 0x5e7a0da1 a28.27b0: Machine: 0x8664 - amd64 a28.27b0: Timestamp: 0x5e7a0da1 a28.27b0: Image Version: 0.0 a28.27b0: SizeOfImage: 0x14000 (81920) a28.27b0: Resource Dir: 0x12000 LB 0x550 a28.27b0: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)] a28.27b0: [Raw version resource data: 0x120a0 LB 0x318, codepage 0x0 (reserved 0x0)] a28.27b0: ProductName: SYSCORE a28.27b0: ProductVersion: 20.4.0.155 a28.27b0: FileVersion: SYSCORE.20.4.0.155 a28.27b0: PrivateBuild: SYSCORE.20.4.0.155 a28.27b0: FileDescription: McAfee Personal Firewall IDS Plugin a28.27b0: \SystemRoot\System32\drivers\mfeavfk.sys: a28.27b0: CreationTime: 2018-12-10T07:03:26.000000000Z a28.27b0: LastWriteTime: 2020-04-09T14:15:22.000000000Z a28.27b0: ChangeTime: 2020-07-03T23:00:22.931792200Z a28.27b0: FileAttributes: 0x20 a28.27b0: Size: 0x5d5b8 a28.27b0: NT Headers: 0xe8 a28.27b0: Timestamp: 0x5e7a0d35 a28.27b0: Machine: 0x8664 - amd64 a28.27b0: Timestamp: 0x5e7a0d35 a28.27b0: Image Version: 0.0 a28.27b0: SizeOfImage: 0x5e000 (385024) a28.27b0: Resource Dir: 0x5c000 LB 0x758 a28.27b0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] a28.27b0: [Raw version resource data: 0x5c110 LB 0x334, codepage 0x0 (reserved 0x0)] a28.27b0: ProductName: SYSCORE a28.27b0: ProductVersion: 20.4.0.155 a28.27b0: FileVersion: SYSCORE.20.4.0.155 a28.27b0: PrivateBuild: SYSCORE.20.4.0.155 F15,F16,F19 a28.27b0: FileDescription: Anti-Virus File System Filter Driver a28.27b0: \SystemRoot\System32\drivers\mfefirek.sys: a28.27b0: CreationTime: 2018-12-10T07:03:26.000000000Z a28.27b0: LastWriteTime: 2020-04-09T14:15:22.000000000Z a28.27b0: ChangeTime: 2020-07-03T23:00:20.962130100Z a28.27b0: FileAttributes: 0x20 a28.27b0: Size: 0x7f5b0 a28.27b0: NT Headers: 0xe0 a28.27b0: Timestamp: 0x5e7a0d81 a28.27b0: Machine: 0x8664 - amd64 a28.27b0: Timestamp: 0x5e7a0d81 a28.27b0: Image Version: 0.0 a28.27b0: SizeOfImage: 0x81000 (528384) a28.27b0: Resource Dir: 0x7d000 LB 0x388 a28.27b0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] a28.27b0: [Raw version resource data: 0x7d060 LB 0x328, codepage 0x0 (reserved 0x0)] a28.27b0: ProductName: SYSCORE a28.27b0: ProductVersion: 20.4.0.155 a28.27b0: FileVersion: SYSCORE.20.4.0.155 a28.27b0: PrivateBuild: SYSCORE.20.4.0.155 F17,F18 a28.27b0: FileDescription: McAfee Core Firewall Engine Driver a28.27b0: \SystemRoot\System32\drivers\mfehidk.sys: a28.27b0: CreationTime: 2018-12-10T07:03:26.000000000Z a28.27b0: LastWriteTime: 2020-04-09T14:15:22.000000000Z a28.27b0: ChangeTime: 2020-07-03T23:00:11.638981800Z a28.27b0: FileAttributes: 0x20 a28.27b0: Size: 0xf45b0 a28.27b0: NT Headers: 0xf8 a28.27b0: Timestamp: 0x5e7a0d05 a28.27b0: Machine: 0x8664 - amd64 a28.27b0: Timestamp: 0x5e7a0d05 a28.27b0: Image Version: 0.0 a28.27b0: SizeOfImage: 0xfe000 (1040384) a28.27b0: Resource Dir: 0xfa000 LB 0x758 a28.27b0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] a28.27b0: [Raw version resource data: 0xfa110 LB 0x320, codepage 0x0 (reserved 0x0)] a28.27b0: ProductName: SYSCORE a28.27b0: ProductVersion: 20.4.0.155 a28.27b0: FileVersion: SYSCORE.20.4.0.155 a28.27b0: PrivateBuild: SYSCORE.20.4.0.155 F14,F15,F16,F18,F20 a28.27b0: FileDescription: McAfee Link Driver a28.27b0: \SystemRoot\System32\drivers\mfencbdc.sys: a28.27b0: CreationTime: 2018-11-19T06:44:58.000000000Z a28.27b0: LastWriteTime: 2020-05-01T07:55:06.000000000Z a28.27b0: ChangeTime: 2020-07-03T23:03:36.104665700Z a28.27b0: FileAttributes: 0x20 a28.27b0: Size: 0x91688 a28.27b0: NT Headers: 0xe0 a28.27b0: Timestamp: 0x5e4d96a0 a28.27b0: Machine: 0x8664 - amd64 a28.27b0: Timestamp: 0x5e4d96a0 a28.27b0: Image Version: 0.0 a28.27b0: SizeOfImage: 0x95000 (610304) a28.27b0: Resource Dir: 0x93000 LB 0x458 a28.27b0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] a28.27b0: [Raw version resource data: 0x93060 LB 0x3f4, codepage 0x0 (reserved 0x0)] a28.27b0: ProductName: Anti-Malware Core a28.27b0: ProductVersion: 20.3.0 a28.27b0: FileVersion: Anti-Malware Core.20.3.0.108.x64 a28.27b0: PrivateBuild: Anti-Malware Core.20.3.0.108.x64 a28.27b0: FileDescription: Event Driver a28.27b0: \SystemRoot\System32\drivers\mfewfpk.sys: a28.27b0: CreationTime: 2018-12-10T07:03:26.000000000Z a28.27b0: LastWriteTime: 2020-04-09T14:15:22.000000000Z a28.27b0: ChangeTime: 2020-07-03T23:00:06.372118900Z a28.27b0: FileAttributes: 0x20 a28.27b0: Size: 0x3d9b0 a28.27b0: NT Headers: 0xf0 a28.27b0: Timestamp: 0x5e7a0d11 a28.27b0: Machine: 0x8664 - amd64 a28.27b0: Timestamp: 0x5e7a0d11 a28.27b0: Image Version: 0.0 a28.27b0: SizeOfImage: 0x59000 (364544) a28.27b0: Resource Dir: 0x57000 LB 0x380 a28.27b0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] a28.27b0: [Raw version resource data: 0x57060 LB 0x320, codepage 0x0 (reserved 0x0)] a28.27b0: ProductName: SYSCORE a28.27b0: ProductVersion: 20.4.0.155 a28.27b0: FileVersion: SYSCORE.20.4.0.155 a28.27b0: PrivateBuild: SYSCORE.20.4.0.155 F17,F18 a28.27b0: FileDescription: Anti-Virus Mini-Firewall Driver a28.27b0: \SystemRoot\System32\drivers\MBAMSwissArmy.sys: a28.27b0: CreationTime: 2020-05-28T00:36:55.568354000Z a28.27b0: LastWriteTime: 2020-06-06T23:47:01.262970400Z a28.27b0: ChangeTime: 2020-06-06T23:47:01.294977300Z a28.27b0: FileAttributes: 0x20 a28.27b0: Size: 0x3cc88 a28.27b0: NT Headers: 0xf0 a28.27b0: Timestamp: 0x5dd55459 a28.27b0: Machine: 0x8664 - amd64 a28.27b0: Timestamp: 0x5dd55459 a28.27b0: Image Version: 10.0 a28.27b0: SizeOfImage: 0x3f000 (258048) a28.27b0: Resource Dir: 0x3d000 LB 0x3b8 a28.27b0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] a28.27b0: [Raw version resource data: 0x3d060 LB 0x358, codepage 0x0 (reserved 0x0)] a28.27b0: ProductName: Malwarebytes SwissArmy a28.27b0: ProductVersion: 4.3.0.178 a28.27b0: FileVersion: 4.3.0.178 a28.27b0: FileDescription: Malwarebytes SwissArmy a28.27b0: \SystemRoot\System32\drivers\mwac.sys: a28.27b0: CreationTime: 2020-08-12T03:49:41.344382400Z a28.27b0: LastWriteTime: 2020-08-12T03:49:41.344382400Z a28.27b0: ChangeTime: 2020-08-12T03:49:41.391260900Z a28.27b0: FileAttributes: 0x20 a28.27b0: Size: 0x200a0 a28.27b0: NT Headers: 0xe0 a28.27b0: Timestamp: 0x5ef0c401 a28.27b0: Machine: 0x8664 - amd64 a28.27b0: Timestamp: 0x5ef0c401 a28.27b0: Image Version: 10.0 a28.27b0: SizeOfImage: 0x22000 (139264) a28.27b0: Resource Dir: 0x20000 LB 0x380 a28.27b0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] a28.27b0: [Raw version resource data: 0x20060 LB 0x320, codepage 0x0 (reserved 0x0)] a28.27b0: ProductName: Malwarebytes Web Protection a28.27b0: ProductVersion: 1.0.0.54 a28.27b0: FileVersion: 1.0.0.54 a28.27b0: FileDescription: Malwarebytes Web Protection a28.27b0: \SystemRoot\System32\drivers\mbamchameleon.sys: a28.27b0: CreationTime: 2020-02-07T23:46:25.185174900Z a28.27b0: LastWriteTime: 2020-08-01T00:29:19.290572200Z a28.27b0: ChangeTime: 2020-08-01T00:29:19.366589800Z a28.27b0: FileAttributes: 0x20 a28.27b0: Size: 0x34bf8 a28.27b0: NT Headers: 0xf8 a28.27b0: Timestamp: 0x5ed916d3 a28.27b0: Machine: 0x8664 - amd64 a28.27b0: Timestamp: 0x5ed916d3 a28.27b0: Image Version: 10.0 a28.27b0: SizeOfImage: 0x38000 (229376) a28.27b0: Resource Dir: 0x36000 LB 0x3b8 a28.27b0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] a28.27b0: [Raw version resource data: 0x36060 LB 0x358, codepage 0x0 (reserved 0x0)] a28.27b0: ProductName: Malwarebytes Chameleon a28.27b0: ProductVersion: 3.1.0.316 a28.27b0: FileVersion: 3.1.0.316 a28.27b0: FileDescription: Malwarebytes Chameleon a28.27b0: \SystemRoot\System32\drivers\mbam.sys: a28.27b0: CreationTime: 2020-08-12T03:49:46.516603500Z a28.27b0: LastWriteTime: 2020-08-12T03:49:46.500977800Z a28.27b0: ChangeTime: 2020-08-12T03:49:46.500977800Z a28.27b0: FileAttributes: 0x20 a28.27b0: Size: 0x11e98 a28.27b0: NT Headers: 0xd8 a28.27b0: Timestamp: 0x5f04b5a9 a28.27b0: Machine: 0x8664 - amd64 a28.27b0: Timestamp: 0x5f04b5a9 a28.27b0: Image Version: 10.0 a28.27b0: SizeOfImage: 0x13000 (77824) a28.27b0: Resource Dir: 0x11000 LB 0x3c0 a28.27b0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] a28.27b0: [Raw version resource data: 0x11060 LB 0x360, codepage 0x0 (reserved 0x0)] a28.27b0: ProductName: Malwarebytes Real-Time Protection a28.27b0: ProductVersion: 3.1.0.193 a28.27b0: FileVersion: 3.1.0.193 a28.27b0: FileDescription: Malwarebytes Real-Time Protection a28.27b0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' a28.27b0: Calling main() a28.27b0: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2 a28.27b0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' a28.27b0: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports a28.27b0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe) a28.27b0: SUPR3HardenedMain: Respawn #2 a28.27b0: supR3HardNtEnableThreadCreationEx: a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd77d30000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0] a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd78910000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll a28.27b0: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntdll.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntdll.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78a60000 'C:\WINDOWS\System32\ntdll.dll' a28.27b0: Error -104 in supR3HardenedWinReSpawn! (enmWhat=5) a28.27b0: Error relaunching VirtualBox VM process: 5 Command line: '60eaff78-4bdd-042d-2e72-669728efd737-suplib-3rdchild --comment "Server 2003" --startvm 192061b8-05a6-407d-ad04-f630af1563c5 --no-startvm-errormsgbox "--sup-hardening-log=D:\VirtualBox VMs\Server 2003\Logs\VBoxHardening.log"' a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxglobal.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmm.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmm.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleaut32.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleaut32.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'gdi32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'user32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ole32.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ole32.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] a28.27b0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxglobal.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxglobal.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxglobal.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGlobal.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGlobal.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\opengl32.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\opengl32.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\glu32.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\glu32.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'win32u.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ws2_32.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ws2_32.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008] a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\mpr.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\mpr.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #77 'user32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #79 'gdi32.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shell32.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shell32.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] a28.27b0: '\Device\HarddiskVolume4\Windows\System32\win32u.dll' has no imports a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\win32u.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\win32u.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'bcryptprimitives.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\combase.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\combase.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmmbase.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmmbase.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008] a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume4\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01: [calling] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGlobal.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'win32u.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DXCore.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DXCore.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd77e50000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd76b80000 LB 0x000a3000 C:\WINDOWS\System32\advapi32.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd767e0000 LB 0x00021000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd76810000 LB 0x000fa000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0] a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ucrtbase.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd75b10000 LB 0x0009e000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd76390000 LB 0x00196000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32full.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32full.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd770b0000 LB 0x00026000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd77b20000 LB 0x00195000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd75a10000 LB 0x00080000 C:\WINDOWS\System32\bcryptPrimitives.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd770e0000 LB 0x00335000 C:\WINDOWS\System32\combase.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd76340000 LB 0x0004a000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0] a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd74570000 LB 0x00020000 C:\WINDOWS\SYSTEM32\dxcore.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DXCore.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd72410000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd4cfa0000 LB 0x00156000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 0000000053eb0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00000000545e0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd77cc0000 LB 0x0006f000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd23230000 LB 0x005e2000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd76e50000 LB 0x000a9000 C:\WINDOWS\System32\shcore.dll [fFlags=0x0] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'rpcrt4.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'combase.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\SHCore.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\SHCore.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd75940000 LB 0x00023000 C:\WINDOWS\System32\profapi.dll [fFlags=0x0] a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\profapi.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd75910000 LB 0x00010000 C:\WINDOWS\System32\UMPDC.dll [fFlags=0x0] a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\umpdc.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\umpdc.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd75990000 LB 0x0004a000 C:\WINDOWS\System32\powrprof.dll [fFlags=0x0] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'umpdc.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\powrprof.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\powrprof.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd76b20000 LB 0x00052000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'gdi32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'user32.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd75970000 LB 0x00011000 C:\WINDOWS\System32\kernel.appcore.dll [fFlags=0x0] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd75bb0000 LB 0x00782000 C:\WINDOWS\System32\windows.storage.dll [fFlags=0x0] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'rpcrt4.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'profapi.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\windows.storage.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\windows.storage.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd75af0000 LB 0x00017000 C:\WINDOWS\System32\cryptsp.dll [fFlags=0x0] a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptsp.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptsp.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd77fb0000 LB 0x006e7000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd77890000 LB 0x00157000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd64df0000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 0000000053940000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd23820000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00000000533d0000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd76d70000 LB 0x000c5000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd1a550000 LB 0x02387000 C:\Program Files\Oracle\VirtualBox\VBoxGlobal.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGlobal.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00000000532f0000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd6cb40000 LB 0x0002d000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd6cbf0000 LB 0x00024000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd37810000 LB 0x00188000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1 a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd76530000 'api-ms-win-core-synch-l1-2-0' a28.27b0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1 a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd76530000 'api-ms-win-core-fibers-l1-1-1' a28.27b0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1 a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd76530000 'api-ms-win-core-fibers-l1-1-1' a28.27b0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1 a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd76530000 'api-ms-win-core-synch-l1-2-0' a28.27b0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1 a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd76530000 'api-ms-win-core-localization-l1-2-1' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'umpdc.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'umpdc.dll' -> '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\umpdc.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd786a0000 'C:\WINDOWS\System32\kernel32.dll' a28.27b0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1 a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd76530000 'api-ms-win-core-string-l1-1-0' a28.27b0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1 a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd76530000 'api-ms-win-core-datetime-l1-1-1' a28.27b0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1 a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd76530000 'api-ms-win-core-localization-obsolete-l1-2-0' a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'win32u.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imm32.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd77af0000 LB 0x0002e000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd77af0000 'C:\WINDOWS\system32\IMM32.DLL' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd23230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd76b80000 'C:\WINDOWS\System32\ADVAPI32.DLL' a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd75340000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd37810000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd786a0000 'C:\WINDOWS\System32\kernel32.dll' a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd4ce70000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd4ce70000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll' a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\uxtheme.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\uxtheme.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd73c70000 LB 0x00099000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd73c70000 'C:\WINDOWS\system32\uxtheme.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd77b20000 'C:\WINDOWS\system32\user32.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd77fb0000 'C:\WINDOWS\system32\shell32.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd76e50000 'C:\WINDOWS\system32\SHCore.dll' a28.27b0: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0 a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\wintab32.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6cbf0000 'C:\WINDOWS\system32\winmm.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6cbf0000 'C:\WINDOWS\system32\winmm.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd77fb0000 'C:\WINDOWS\system32\shell32.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd73c70000 'C:\WINDOWS\system32\uxtheme.dll' a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd770b0000 'C:\WINDOWS\system32\gdi32.dll' a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd76c30000 LB 0x00135000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'oleaut32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'user32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'imm32.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'advapi32.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msctf.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd77d30000 'C:\WINDOWS\System32\rpcrt4.dll' a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd77ef0000 LB 0x000a2000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\clbcatq.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\clbcatq.dll a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'combase.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'd3d11.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'dcomp.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\DataExchange.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DataExchange.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume4\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp_win.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dcomp.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dcomp.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume4\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'dxgi.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'win32u.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\d3d11.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\d3d11.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume4\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dxgi.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dxgi.dll a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd74600000 LB 0x000eb000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd730d0000 LB 0x0025b000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd73410000 LB 0x001dd000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd5a440000 LB 0x0003a000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd770b0000 'C:\WINDOWS\System32\gdi32.dll' a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd5a440000 'C:\WINDOWS\system32\dataexchange.dll' a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rmclient.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'combase.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'msvcp_win.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rmclient.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rmclient.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd74180000 LB 0x00029000 C:\WINDOWS\system32\RMCLIENT.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rmclient.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd73d30000 LB 0x00262000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'. a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'devobj.dll'. a28.3db4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll) a28.3db4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'cfgmgr32.dll'. a28.3db4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\devobj.dll) a28.3db4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\devobj.dll a28.3db4: supR3HardenedDllNotificationCallback: load 00007ffd75710000 LB 0x0002a000 C:\WINDOWS\SYSTEM32\DEVOBJ.dll [fFlags=0x0] a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedDllNotificationCallback: load 00007ffd6fe40000 LB 0x00072000 C:\WINDOWS\SYSTEM32\MMDevAPI.DLL [fFlags=0x0] a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'. a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'ksuser.dll'. a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'avrt.dll'. a28.3db4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\wdmaud.drv) a28.3db4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wdmaud.drv a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008] a28.3db4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\avrt.dll) a28.3db4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\avrt.dll a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume4\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.3db4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ksuser.dll) a28.3db4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ksuser.dll a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'. a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'coreuicomponents.dll'. a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'coremessaging.dll'. a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll) a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rmclient.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rmclient.dll' -> '\Device\HarddiskVolume4\Windows\System32\rmclient.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rmclient.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.3db4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll) a28.3db4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume4\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'. a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'shcore.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll a28.27b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust] a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntmarta.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntmarta.dll a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'. a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'shcore.dll'. a28.3db4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll) a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'. a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'... a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'. a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcryptprimitives.dll'. a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust] a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\WinTypes.dll) a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\WinTypes.dll a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd74a10000 LB 0x00031000 C:\WINDOWS\SYSTEM32\ntmarta.dll [fFlags=0x0] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntmarta.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'... a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd73330000 LB 0x000d4000 C:\WINDOWS\System32\CoreMessaging.dll [fFlags=0x0] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd71270000 LB 0x00153000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\WinTypes.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd6b8d0000 LB 0x0032a000 C:\WINDOWS\System32\CoreUIComponents.dll [fFlags=0x0] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd6b260000 LB 0x0009e000 C:\WINDOWS\System32\TextInputFramework.dll [fFlags=0x0] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.27b0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1 a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd77b20000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll' a28.27b0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1 a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd77b20000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll' a28.27b0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1 a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd770e0000 'api-ms-win-core-com-l1-1-0.dll' a28.3db4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedDllNotificationCallback: load 00007ffd6ef40000 LB 0x00009000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0] a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedDllNotificationCallback: load 00007ffd6bee0000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0] a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedDllNotificationCallback: load 00007ffd50770000 LB 0x00044000 C:\WINDOWS\System32\wdmaud.drv [fFlags=0x0] a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd50770000 'C:\WINDOWS\System32\wdmaud.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd50770000 'C:\WINDOWS\System32\wdmaud.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6fe40000 'C:\WINDOWS\System32\MMDEVAPI.DLL' a28.27b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.27b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\iertutil.dll) a28.27b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\iertutil.dll a28.27b0: supR3HardenedDllNotificationCallback: load 00007ffd6d000000 LB 0x002a6000 C:\WINDOWS\System32\iertutil.dll [fFlags=0x0] a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\iertutil.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.27b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.27b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.27b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd76c30000 'C:\WINDOWS\System32\MSCTF.dll' a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd50770000 'C:\WINDOWS\System32\wdmaud.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd50770000 'C:\WINDOWS\System32\wdmaud.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd50770000 'C:\WINDOWS\System32\wdmaud.drv' a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'. a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'. a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'mmdevapi.dll'. a28.3db4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\AudioSes.dll) a28.3db4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\AudioSes.dll a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] a28.3db4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedDllNotificationCallback: load 00007ffd6fec0000 LB 0x0015d000 C:\WINDOWS\System32\AUDIOSES.DLL [fFlags=0x0] a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6fec0000 'C:\WINDOWS\System32\AUDIOSES.DLL' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd50770000 'C:\WINDOWS\System32\wdmaud.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd50770000 'C:\WINDOWS\System32\wdmaud.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd50770000 'C:\WINDOWS\System32\wdmaud.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd50770000 'C:\WINDOWS\System32\wdmaud.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd50770000 'C:\WINDOWS\System32\wdmaud.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd50770000 'C:\WINDOWS\System32\wdmaud.drv' a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'mmdevapi.dll'. a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msacm32.dll'. a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmmbase.dll'. a28.3db4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\msacm32.drv) a28.3db4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.drv a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.3db4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.dll) a28.3db4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.dll a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedDllNotificationCallback: load 00007ffd6c410000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0] a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedDllNotificationCallback: load 00007ffd6e520000 LB 0x0000d000 C:\WINDOWS\System32\msacm32.drv [fFlags=0x0] a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6e520000 'C:\WINDOWS\System32\msacm32.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6e520000 'C:\WINDOWS\System32\msacm32.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6e520000 'C:\WINDOWS\System32\msacm32.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6e520000 'C:\WINDOWS\System32\msacm32.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6e520000 'C:\WINDOWS\System32\msacm32.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6e520000 'C:\WINDOWS\System32\msacm32.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6e520000 'C:\WINDOWS\System32\msacm32.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6e520000 'C:\WINDOWS\System32\msacm32.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6e520000 'C:\WINDOWS\System32\msacm32.drv' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6e520000 'C:\WINDOWS\System32\msacm32.drv' a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. a28.3db4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'winmm.dll'. a28.3db4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\midimap.dll) a28.3db4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\midimap.dll a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... a28.3db4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] a28.3db4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedDllNotificationCallback: load 00007ffd6e430000 LB 0x0000a000 C:\WINDOWS\System32\midimap.dll [fFlags=0x0] a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6e430000 'C:\WINDOWS\System32\midimap.dll' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6e430000 'C:\WINDOWS\System32\midimap.dll' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6e430000 'C:\WINDOWS\System32\midimap.dll' a28.3db4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] a28.3db4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001: [calling] a28.3db4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6e430000 'C:\WINDOWS\System32\midimap.dll' a28.2100: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] a28.2100: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] a28.2100: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd6fe40000 'C:\WINDOWS\System32\MMDevApi.dll' 416c.4cc: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 29659 ms, the end);