16dc.17cc: Log file opened: 5.0.0r101573 g_hStartupLog=000000000000001c g_uNtVerCombined=0x63258000 16dc.17cc: \SystemRoot\System32\ntdll.dll: 16dc.17cc: CreationTime: 2015-10-14T13:13:36.775344700Z 16dc.17cc: LastWriteTime: 2015-08-07T21:40:29.476583000Z 16dc.17cc: ChangeTime: 2015-11-11T09:56:13.483088800Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x1a7f48 16dc.17cc: NT Headers: 0xd8 16dc.17cc: Timestamp: 0x55c4c16b 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x55c4c16b 16dc.17cc: Image Version: 6.3 16dc.17cc: SizeOfImage: 0x1ac000 (1753088) 16dc.17cc: Resource Dir: 0x148000 LB 0x62450 16dc.17cc: ProductName: Microsoft® Windows® Operating System 16dc.17cc: ProductVersion: 6.3.9600.18007 16dc.17cc: FileVersion: 6.3.9600.18007 (winblue_ltsb.150807-0612) 16dc.17cc: FileDescription: NT Layer DLL 16dc.17cc: \SystemRoot\System32\kernel32.dll: 16dc.17cc: CreationTime: 2015-04-22T13:18:45.398909300Z 16dc.17cc: LastWriteTime: 2014-10-29T04:09:24.572407200Z 16dc.17cc: ChangeTime: 2015-10-16T09:47:32.906482100Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x13fc30 16dc.17cc: NT Headers: 0xf8 16dc.17cc: Timestamp: 0x545054ca 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x545054ca 16dc.17cc: Image Version: 6.3 16dc.17cc: SizeOfImage: 0x13e000 (1302528) 16dc.17cc: Resource Dir: 0x12e000 LB 0x518 16dc.17cc: ProductName: Microsoft® Windows® Operating System 16dc.17cc: ProductVersion: 6.3.9600.17415 16dc.17cc: FileVersion: 6.3.9600.17415 (winblue_r4.141028-1500) 16dc.17cc: FileDescription: Windows NT BASE API Client DLL 16dc.17cc: \SystemRoot\System32\KernelBase.dll: 16dc.17cc: CreationTime: 2015-10-14T13:13:45.459415500Z 16dc.17cc: LastWriteTime: 2015-08-07T21:40:29.476583000Z 16dc.17cc: ChangeTime: 2015-10-16T09:47:33.484608100Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x1150a0 16dc.17cc: NT Headers: 0xf0 16dc.17cc: Timestamp: 0x55c4c341 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x55c4c341 16dc.17cc: Image Version: 6.3 16dc.17cc: SizeOfImage: 0x115000 (1134592) 16dc.17cc: Resource Dir: 0x110000 LB 0x3530 16dc.17cc: ProductName: Microsoft® Windows® Operating System 16dc.17cc: ProductVersion: 6.3.9600.18007 16dc.17cc: FileVersion: 6.3.9600.18007 (winblue_ltsb.150807-0612) 16dc.17cc: FileDescription: Windows NT BASE API Client DLL 16dc.17cc: \SystemRoot\System32\apisetschema.dll: 16dc.17cc: CreationTime: 2013-08-22T12:13:09.745625900Z 16dc.17cc: LastWriteTime: 2013-08-22T12:35:12.091034400Z 16dc.17cc: ChangeTime: 2014-05-07T07:41:10.708341000Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x11360 16dc.17cc: NT Headers: 0xd0 16dc.17cc: Timestamp: 0x52160049 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x52160049 16dc.17cc: Image Version: 6.3 16dc.17cc: SizeOfImage: 0x13000 (77824) 16dc.17cc: Resource Dir: 0x11000 LB 0x3f8 16dc.17cc: ProductName: Microsoft® Windows® Operating System 16dc.17cc: ProductVersion: 6.3.9600.16384 16dc.17cc: FileVersion: 6.3.9600.16384 (winblue_rtm.130821-1623) 16dc.17cc: FileDescription: ApiSet Schema DLL 16dc.17cc: NtOpenDirectoryObject failed on \Driver: 0xc0000022 16dc.17cc: supR3HardenedWinFindAdversaries: 0x200 16dc.17cc: \SystemRoot\System32\drivers\PSINAflt.sys: 16dc.17cc: CreationTime: 2015-04-21T15:28:16.000000000Z 16dc.17cc: LastWriteTime: 2015-04-21T15:28:16.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.001957900Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x27f10 16dc.17cc: NT Headers: 0x108 16dc.17cc: Timestamp: 0x55366bfd 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x55366bfd 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x2b000 (176128) 16dc.17cc: Resource Dir: 0x29000 LB 0x398 16dc.17cc: ProductName: Cloud Antivirus Platform 16dc.17cc: ProductVersion: 4,0,0,760 16dc.17cc: FileVersion: 4,0,0,760 built by: WinDDK 16dc.17cc: FileDescription: PSINAflt Filter Driver for Vista64 16dc.17cc: \SystemRoot\System32\drivers\PSINFile.sys: 16dc.17cc: CreationTime: 2015-02-25T19:03:23.000000000Z 16dc.17cc: LastWriteTime: 2015-02-25T19:03:23.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.017559000Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x1db10 16dc.17cc: NT Headers: 0x100 16dc.17cc: Timestamp: 0x54ee18a3 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54ee18a3 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x20000 (131072) 16dc.17cc: Resource Dir: 0x1e000 LB 0x398 16dc.17cc: ProductName: Cloud Antivirus Platform 16dc.17cc: ProductVersion: 4,0,0,761 16dc.17cc: FileVersion: 4,0,0,761 built by: WinDDK 16dc.17cc: FileDescription: PSINFile Filter Driver for Vista64 16dc.17cc: \SystemRoot\System32\drivers\PSINKNC.sys: 16dc.17cc: CreationTime: 2015-02-25T19:03:24.000000000Z 16dc.17cc: LastWriteTime: 2015-02-25T19:03:24.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.048806500Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x30310 16dc.17cc: NT Headers: 0x108 16dc.17cc: Timestamp: 0x54ee1824 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54ee1824 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x35000 (217088) 16dc.17cc: Resource Dir: 0x33000 LB 0x390 16dc.17cc: ProductName: Cloud Antivirus Platform 16dc.17cc: ProductVersion: 4,0,0,767 16dc.17cc: FileVersion: 4,0,0,767 built by: WinDDK 16dc.17cc: FileDescription: PSINKNC Kernel Controller for Vista64 16dc.17cc: \SystemRoot\System32\drivers\PSINProc.sys: 16dc.17cc: CreationTime: 2015-02-25T19:03:24.000000000Z 16dc.17cc: LastWriteTime: 2015-02-25T19:03:24.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.080058600Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x1e510 16dc.17cc: NT Headers: 0x100 16dc.17cc: Timestamp: 0x54ee1920 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54ee1920 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x21000 (135168) 16dc.17cc: Resource Dir: 0x1f000 LB 0x398 16dc.17cc: ProductName: Cloud Antivirus Platform 16dc.17cc: ProductVersion: 4,0,0,753 16dc.17cc: FileVersion: 4,0,0,753 built by: WinDDK 16dc.17cc: FileDescription: PSINProc Filter Driver for Vista64 16dc.17cc: \SystemRoot\System32\drivers\PSINProt.sys: 16dc.17cc: CreationTime: 2015-02-25T19:03:24.000000000Z 16dc.17cc: LastWriteTime: 2015-02-25T19:03:24.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.111307600Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x20b10 16dc.17cc: NT Headers: 0x100 16dc.17cc: Timestamp: 0x54ee195f 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54ee195f 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x24000 (147456) 16dc.17cc: Resource Dir: 0x22000 LB 0x378 16dc.17cc: ProductName: Cloud Antivirus Platform 16dc.17cc: ProductVersion: 4,0,0,750 16dc.17cc: FileVersion: 4,0,0,750 built by: WinDDK 16dc.17cc: FileDescription: PSINProt for Vista64 16dc.17cc: \SystemRoot\System32\drivers\PSINReg.sys: 16dc.17cc: CreationTime: 2015-02-25T19:03:25.000000000Z 16dc.17cc: LastWriteTime: 2015-02-25T19:03:25.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:57.131951100Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x1a510 16dc.17cc: NT Headers: 0x100 16dc.17cc: Timestamp: 0x54ee18e1 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54ee18e1 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x1e000 (122880) 16dc.17cc: Resource Dir: 0x1c000 LB 0x380 16dc.17cc: ProductName: Cloud Antivirus Platform 16dc.17cc: ProductVersion: 4.0.0.2 16dc.17cc: FileVersion: 4.0.0.2 built by: WinDDK 16dc.17cc: FileDescription: PSINReg Filter Driver for Vista64 16dc.17cc: \SystemRoot\System32\drivers\PSKMAD.sys: 16dc.17cc: CreationTime: 2015-11-12T10:48:41.997858600Z 16dc.17cc: LastWriteTime: 2015-01-29T17:21:35.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:55.540799400Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0xf110 16dc.17cc: NT Headers: 0xe8 16dc.17cc: Timestamp: 0x54ca6987 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54ca6987 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x11000 (69632) 16dc.17cc: Resource Dir: 0xf000 LB 0x368 16dc.17cc: ProductName: Panda Technologies 16dc.17cc: ProductVersion: 1.0.0.3500 16dc.17cc: FileVersion: 1.0.0.14 16dc.17cc: FileDescription: Panda Kernel Memory Access Driver (x64) 16dc.17cc: \SystemRoot\System32\drivers\NNSAlpc.sys: 16dc.17cc: CreationTime: 2015-02-09T21:13:41.000000000Z 16dc.17cc: LastWriteTime: 2015-02-09T21:13:41.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.126931300Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x16f10 16dc.17cc: NT Headers: 0xf8 16dc.17cc: Timestamp: 0x54d8e34d 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54d8e34d 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x1b000 (110592) 16dc.17cc: Resource Dir: 0x19000 LB 0x388 16dc.17cc: ProductName: Nano Network Security 16dc.17cc: ProductVersion: 3.1.0.343 16dc.17cc: FileVersion: 1.0.0.214 built by: WinDDK 16dc.17cc: FileDescription: Application Layer Protocol Colorizer 16dc.17cc: \SystemRoot\System32\drivers\NNSHttp.sys: 16dc.17cc: CreationTime: 2015-02-09T21:13:42.000000000Z 16dc.17cc: LastWriteTime: 2015-02-09T21:13:42.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.173807600Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x31510 16dc.17cc: NT Headers: 0x100 16dc.17cc: Timestamp: 0x54d8f09c 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54d8f09c 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x37000 (225280) 16dc.17cc: Resource Dir: 0x35000 LB 0x358 16dc.17cc: ProductName: Nano Network Security 16dc.17cc: ProductVersion: 3.1.0.343 16dc.17cc: FileVersion: 1.3.0.224 built by: WinDDK 16dc.17cc: FileDescription: Http Parser 16dc.17cc: \SystemRoot\System32\drivers\NNShttps.sys: 16dc.17cc: CreationTime: 2015-02-09T21:13:42.000000000Z 16dc.17cc: LastWriteTime: 2015-02-09T21:13:42.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.205059100Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x1b110 16dc.17cc: NT Headers: 0xf0 16dc.17cc: Timestamp: 0x54d8f8c0 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54d8f8c0 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x21000 (135168) 16dc.17cc: Resource Dir: 0x1f000 LB 0x360 16dc.17cc: ProductName: Nano Network Security 16dc.17cc: ProductVersion: 3.1.0.343 16dc.17cc: FileVersion: 1.2.0.60 built by: WinDDK 16dc.17cc: FileDescription: Https Parser 16dc.17cc: \SystemRoot\System32\drivers\NNSIds.sys: 16dc.17cc: CreationTime: 2015-02-09T21:13:42.000000000Z 16dc.17cc: LastWriteTime: 2015-02-09T21:13:42.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.220682900Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x1c710 16dc.17cc: NT Headers: 0x100 16dc.17cc: Timestamp: 0x54d8f3ce 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54d8f3ce 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x28000 (163840) 16dc.17cc: Resource Dir: 0x26000 LB 0x378 16dc.17cc: ProductName: Nano Network Security 16dc.17cc: ProductVersion: 3.1.0.343 16dc.17cc: FileVersion: 1.0.0.213 built by: WinDDK 16dc.17cc: FileDescription: Intrusion Detection System 16dc.17cc: \SystemRoot\System32\drivers\NNSNAHSL.sys: 16dc.17cc: CreationTime: 2014-12-31T11:39:32.000000000Z 16dc.17cc: LastWriteTime: 2014-12-31T11:39:32.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:49:15.612052100Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0xc310 16dc.17cc: NT Headers: 0xe8 16dc.17cc: Timestamp: 0x54a3dc8d 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54a3dc8d 16dc.17cc: Image Version: 6.2 16dc.17cc: SizeOfImage: 0xf000 (61440) 16dc.17cc: Resource Dir: 0xd000 LB 0x368 16dc.17cc: ProductName: Nano Network Security 16dc.17cc: ProductVersion: 3.1.0.342 16dc.17cc: FileVersion: 4.1.0.47 16dc.17cc: FileDescription: Network Activity Hook Server LWF 16dc.17cc: \SystemRoot\System32\drivers\NNSpicc.sys: 16dc.17cc: CreationTime: 2015-02-09T21:13:43.000000000Z 16dc.17cc: LastWriteTime: 2015-02-09T21:13:43.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.394967100Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x18510 16dc.17cc: NT Headers: 0xf8 16dc.17cc: Timestamp: 0x54d8f13f 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54d8f13f 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x1f000 (126976) 16dc.17cc: Resource Dir: 0x1d000 LB 0x378 16dc.17cc: ProductName: Nano Network Security 16dc.17cc: ProductVersion: 3.1.0.343 16dc.17cc: FileVersion: 1.0.0.210 built by: WinDDK 16dc.17cc: FileDescription: Process Info Colorizer Client 16dc.17cc: \SystemRoot\System32\drivers\NNSPihsw.sys: 16dc.17cc: CreationTime: 2015-02-09T21:13:44.000000000Z 16dc.17cc: LastWriteTime: 2015-02-09T21:13:44.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.220682900Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x11110 16dc.17cc: NT Headers: 0x100 16dc.17cc: Timestamp: 0x54d8f80c 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54d8f80c 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x17000 (94208) 16dc.17cc: Resource Dir: 0x15000 LB 0x380 16dc.17cc: ProductName: Nano Network Security 16dc.17cc: ProductVersion: 3.1.0.343 16dc.17cc: FileVersion: 1.0.0.87 built by: WinDDK 16dc.17cc: FileDescription: Process Info Hook Server WFP 16dc.17cc: \SystemRoot\System32\drivers\NNSPop3.sys: 16dc.17cc: CreationTime: 2015-02-09T21:13:44.000000000Z 16dc.17cc: LastWriteTime: 2015-02-09T21:13:44.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.280977700Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x1e510 16dc.17cc: NT Headers: 0x100 16dc.17cc: Timestamp: 0x54d8f563 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54d8f563 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x25000 (151552) 16dc.17cc: Resource Dir: 0x23000 LB 0x358 16dc.17cc: ProductName: Nano Network Security 16dc.17cc: ProductVersion: 3.1.0.343 16dc.17cc: FileVersion: 1.3.0.198 built by: WinDDK 16dc.17cc: FileDescription: Pop3 Parser 16dc.17cc: \SystemRoot\System32\drivers\NNSProt.sys: 16dc.17cc: CreationTime: 2015-02-09T21:13:45.000000000Z 16dc.17cc: LastWriteTime: 2015-02-09T21:13:45.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.332468600Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x49310 16dc.17cc: NT Headers: 0x100 16dc.17cc: Timestamp: 0x54d8f21b 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54d8f21b 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x50000 (327680) 16dc.17cc: Resource Dir: 0x4e000 LB 0x360 16dc.17cc: ProductName: Nano Network Security 16dc.17cc: ProductVersion: 3.1.0.343 16dc.17cc: FileVersion: 5.0.0.218 built by: WinDDK 16dc.17cc: FileDescription: Network Protector 16dc.17cc: \SystemRoot\System32\drivers\NNSPrv.sys: 16dc.17cc: CreationTime: 2015-02-09T21:13:45.000000000Z 16dc.17cc: LastWriteTime: 2015-02-09T21:13:45.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.332468600Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x28910 16dc.17cc: NT Headers: 0xf8 16dc.17cc: Timestamp: 0x54d8e1d1 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54d8e1d1 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x47000 (290816) 16dc.17cc: Resource Dir: 0x45000 LB 0x360 16dc.17cc: ProductName: Nano Network Security 16dc.17cc: ProductVersion: 3.1.0.343 16dc.17cc: FileVersion: 3.2.0.221 built by: WinDDK 16dc.17cc: FileDescription: Network Provider 16dc.17cc: \SystemRoot\System32\drivers\NNSSmtp.sys: 16dc.17cc: CreationTime: 2015-02-09T21:13:46.000000000Z 16dc.17cc: LastWriteTime: 2015-02-09T21:13:46.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.348091800Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x1bb10 16dc.17cc: NT Headers: 0x100 16dc.17cc: Timestamp: 0x54d8f781 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54d8f781 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x20000 (131072) 16dc.17cc: Resource Dir: 0x1e000 LB 0x358 16dc.17cc: ProductName: Nano Network Security 16dc.17cc: ProductVersion: 3.1.0.343 16dc.17cc: FileVersion: 1.1.0.128 built by: WinDDK 16dc.17cc: FileDescription: Smtp Parser 16dc.17cc: \SystemRoot\System32\drivers\NNSStrm.sys: 16dc.17cc: CreationTime: 2015-02-09T21:13:46.000000000Z 16dc.17cc: LastWriteTime: 2015-02-09T21:13:46.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.379346400Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x3ed10 16dc.17cc: NT Headers: 0xf8 16dc.17cc: Timestamp: 0x54d8e511 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54d8e511 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x45000 (282624) 16dc.17cc: Resource Dir: 0x43000 LB 0x350 16dc.17cc: ProductName: Nano Network Security 16dc.17cc: ProductVersion: 3.1.0.343 16dc.17cc: FileVersion: 1.3.0.227 built by: WinDDK 16dc.17cc: FileDescription: Streamer 16dc.17cc: \SystemRoot\System32\drivers\NNStlsc.sys: 16dc.17cc: CreationTime: 2015-02-09T21:13:47.000000000Z 16dc.17cc: LastWriteTime: 2015-02-09T21:13:47.000000000Z 16dc.17cc: ChangeTime: 2015-05-09T18:45:56.410595400Z 16dc.17cc: FileAttributes: 0x20 16dc.17cc: Size: 0x19f10 16dc.17cc: NT Headers: 0xf8 16dc.17cc: Timestamp: 0x54d8e401 16dc.17cc: Machine: 0x8664 - amd64 16dc.17cc: Timestamp: 0x54d8e401 16dc.17cc: Image Version: 6.1 16dc.17cc: SizeOfImage: 0x1e000 (122880) 16dc.17cc: Resource Dir: 0x1c000 LB 0x380 16dc.17cc: ProductName: Nano Network Security 16dc.17cc: ProductVersion: 3.1.0.343 16dc.17cc: FileVersion: 1.2.0.218 built by: WinDDK 16dc.17cc: FileDescription: Transport Layer Session Colorizer 16dc.17cc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 16dc.17cc: Calling main() 16dc.17cc: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 16dc.17cc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 16dc.17cc: SUPR3HardenedMain: Respawn #1 16dc.17cc: System32: \Device\HarddiskVolume4\Windows\System32 16dc.17cc: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS 16dc.17cc: KnownDllPath: C:\Windows\system32 16dc.17cc: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 16dc.17cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe) 16dc.17cc: supR3HardNtEnableThreadCreation: 16dc.17cc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff958078ec0 pvNtTerminateThread=00007ff9580f1700 16dc.17cc: supR3HardenedWinDoReSpawn(1): New child 7a0.a28 [kernel32]. 16dc.17cc: supR3HardNtChildGatherData: PebBaseAddress=00007ff6a10f6000 cbPeb=0x388 16dc.17cc: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff958060000 uNtDllChildAddr=00007ff958060000 16dc.17cc: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff958078ec0 16dc.17cc: supR3HardenedWinSetupChildInit: Start child. 16dc.17cc: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. 16dc.17cc: supR3HardNtChildPurify: Startup delay kludge #1/0: 516 ms, 32 sleeps 16dc.17cc: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 16dc.17cc: *0000000000000000-ffffffffff29ffff 0x0001/0x0000 0x0000000 16dc.17cc: *0000000000d60000-0000000000d3ffff 0x0004/0x0004 0x0020000 16dc.17cc: *0000000000d80000-0000000000d70fff 0x0002/0x0002 0x0040000 16dc.17cc: 0000000000d8f000-0000000000d8dfff 0x0001/0x0000 0x0000000 16dc.17cc: *0000000000d90000-0000000000c93fff 0x0000/0x0004 0x0020000 16dc.17cc: 0000000000e8c000-0000000000e88fff 0x0104/0x0004 0x0020000 16dc.17cc: 0000000000e8f000-0000000000e8dfff 0x0004/0x0004 0x0020000 16dc.17cc: *0000000000e90000-0000000000e8bfff 0x0002/0x0002 0x0040000 16dc.17cc: 0000000000e94000-0000000000e87fff 0x0001/0x0000 0x0000000 16dc.17cc: *0000000000ea0000-0000000000e9dfff 0x0004/0x0004 0x0020000 16dc.17cc: 0000000000ea2000-ffffffff81d63fff 0x0001/0x0000 0x0000000 16dc.17cc: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000 16dc.17cc: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000 16dc.17cc: 000000007fff0000-ffff800a5ef0ffff 0x0001/0x0000 0x0000000 16dc.17cc: *00007ff6a10d0000-00007ff6a10acfff 0x0002/0x0002 0x0040000 16dc.17cc: 00007ff6a10f3000-00007ff6a10effff 0x0001/0x0000 0x0000000 16dc.17cc: *00007ff6a10f6000-00007ff6a10f4fff 0x0004/0x0004 0x0020000 16dc.17cc: 00007ff6a10f7000-00007ff6a10effff 0x0001/0x0000 0x0000000 16dc.17cc: *00007ff6a10fe000-00007ff6a10fbfff 0x0004/0x0004 0x0020000 16dc.17cc: 00007ff6a1100000-00007ff6a10effff 0x0001/0x0000 0x0000000 16dc.17cc: *00007ff6a1110000-00007ff6a1110fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 16dc.17cc: 00007ff6a1111000-00007ff6a1196fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 16dc.17cc: 00007ff6a1197000-00007ff6a1197fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 16dc.17cc: 00007ff6a1198000-00007ff6a11e1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 16dc.17cc: 00007ff6a11e2000-00007ff6a11e2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 16dc.17cc: 00007ff6a11e3000-00007ff6a11e3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 16dc.17cc: 00007ff6a11e4000-00007ff6a11e5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 16dc.17cc: 00007ff6a11e6000-00007ff6a11e6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 16dc.17cc: 00007ff6a11e7000-00007ff6a11e7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 16dc.17cc: 00007ff6a11e8000-00007ff6a11ebfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 16dc.17cc: 00007ff6a11ec000-00007ff6a1235fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 16dc.17cc: 00007ff6a1236000-00007ff3ea40bfff 0x0001/0x0000 0x0000000 16dc.17cc: *00007ff958060000-00007ff958060fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 16dc.17cc: 00007ff958061000-00007ff95818cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 16dc.17cc: 00007ff95818d000-00007ff958192fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 16dc.17cc: 00007ff958193000-00007ff95819ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 16dc.17cc: 00007ff9581a0000-00007ff9581a0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 16dc.17cc: 00007ff9581a1000-00007ff9581a3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 16dc.17cc: 00007ff9581a4000-00007ff9581a4fff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 16dc.17cc: 00007ff9581a5000-00007ff95820bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 16dc.17cc: 00007ff95820c000-00007ff2b0437fff 0x0001/0x0000 0x0000000 16dc.17cc: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000 16dc.17cc: VirtualBox.exe: timestamp 0x559e485f (rc=VINF_SUCCESS) 16dc.17cc: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 16dc.17cc: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports 16dc.17cc: supR3HardNtChildPurify: Done after 594 ms and 0 fixes (loop #0). 7a0.a28: Log file opened: 5.0.0r101573 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x63258000 7a0.a28: supR3HardenedVmProcessInit: uNtDllAddr=00007ff958060000 16dc.17cc: supR3HardNtEnableThreadCreation: 7a0.a28: ntdll.dll: timestamp 0x55c4c16b (rc=VINF_SUCCESS) 7a0.a28: New simple heap: #1 0000000000fb0000 LB 0x400000 (for 1753088 allocation) 7a0.a28: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 7a0.a28: System32: \Device\HarddiskVolume4\Windows\System32 7a0.a28: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS 7a0.a28: KnownDllPath: C:\Windows\system32 7a0.a28: supR3HardenedVmProcessInit: Opening vboxdrv stub... 7a0.a28: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk... 7a0.a28: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk... 7a0.a28: Registered Dll notification callback with NTDLL. 7a0.a28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll) 7a0.a28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll 7a0.a28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801: [calling] 7a0.a28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 7a0.a28: supR3HardenedDllNotificationCallback: load 00007ff955460000 LB 0x00115000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0] 7a0.a28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll) 7a0.a28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll 7a0.a28: supR3HardenedDllNotificationCallback: load 00007ff957940000 LB 0x0013e000 C:\Windows\system32\KERNEL32.DLL [fFlags=0x0] 7a0.a28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 7a0.a28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff957940000 'C:\Windows\system32\KERNEL32.DLL' 7a0.a28: supR3HardenedDllNotificationCallback: load 00007ff6a1110000 LB 0x00126000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0] 7a0.a28: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 7a0.a28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe) 7a0.a28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 7a0.a28: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff958078ec0 pvNtTerminateThread=00007ff9580f1700 16dc.17cc: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 265 ms. 7a0.a28: \SystemRoot\System32\ntdll.dll: 7a0.a28: CreationTime: 2015-10-14T13:13:36.775344700Z 7a0.a28: LastWriteTime: 2015-08-07T21:40:29.476583000Z 7a0.a28: ChangeTime: 2015-11-11T09:56:13.483088800Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x1a7f48 7a0.a28: NT Headers: 0xd8 7a0.a28: Timestamp: 0x55c4c16b 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x55c4c16b 7a0.a28: Image Version: 6.3 7a0.a28: SizeOfImage: 0x1ac000 (1753088) 7a0.a28: Resource Dir: 0x148000 LB 0x62450 7a0.a28: ProductName: Microsoft® Windows® Operating System 7a0.a28: ProductVersion: 6.3.9600.18007 7a0.a28: FileVersion: 6.3.9600.18007 (winblue_ltsb.150807-0612) 7a0.a28: FileDescription: NT Layer DLL 7a0.a28: \SystemRoot\System32\kernel32.dll: 7a0.a28: CreationTime: 2015-04-22T13:18:45.398909300Z 7a0.a28: LastWriteTime: 2014-10-29T04:09:24.572407200Z 7a0.a28: ChangeTime: 2015-10-16T09:47:32.906482100Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x13fc30 7a0.a28: NT Headers: 0xf8 7a0.a28: Timestamp: 0x545054ca 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x545054ca 7a0.a28: Image Version: 6.3 7a0.a28: SizeOfImage: 0x13e000 (1302528) 7a0.a28: Resource Dir: 0x12e000 LB 0x518 7a0.a28: ProductName: Microsoft® Windows® Operating System 7a0.a28: ProductVersion: 6.3.9600.17415 7a0.a28: FileVersion: 6.3.9600.17415 (winblue_r4.141028-1500) 7a0.a28: FileDescription: Windows NT BASE API Client DLL 7a0.a28: \SystemRoot\System32\KernelBase.dll: 7a0.a28: CreationTime: 2015-10-14T13:13:45.459415500Z 7a0.a28: LastWriteTime: 2015-08-07T21:40:29.476583000Z 7a0.a28: ChangeTime: 2015-10-16T09:47:33.484608100Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x1150a0 7a0.a28: NT Headers: 0xf0 7a0.a28: Timestamp: 0x55c4c341 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x55c4c341 7a0.a28: Image Version: 6.3 7a0.a28: SizeOfImage: 0x115000 (1134592) 7a0.a28: Resource Dir: 0x110000 LB 0x3530 7a0.a28: ProductName: Microsoft® Windows® Operating System 7a0.a28: ProductVersion: 6.3.9600.18007 7a0.a28: FileVersion: 6.3.9600.18007 (winblue_ltsb.150807-0612) 7a0.a28: FileDescription: Windows NT BASE API Client DLL 7a0.a28: \SystemRoot\System32\apisetschema.dll: 7a0.a28: CreationTime: 2013-08-22T12:13:09.745625900Z 7a0.a28: LastWriteTime: 2013-08-22T12:35:12.091034400Z 7a0.a28: ChangeTime: 2014-05-07T07:41:10.708341000Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x11360 7a0.a28: NT Headers: 0xd0 7a0.a28: Timestamp: 0x52160049 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x52160049 7a0.a28: Image Version: 6.3 7a0.a28: SizeOfImage: 0x13000 (77824) 7a0.a28: Resource Dir: 0x11000 LB 0x3f8 7a0.a28: ProductName: Microsoft® Windows® Operating System 7a0.a28: ProductVersion: 6.3.9600.16384 7a0.a28: FileVersion: 6.3.9600.16384 (winblue_rtm.130821-1623) 7a0.a28: FileDescription: ApiSet Schema DLL 7a0.a28: NtOpenDirectoryObject failed on \Driver: 0xc0000022 7a0.a28: supR3HardenedWinFindAdversaries: 0x200 7a0.a28: \SystemRoot\System32\drivers\PSINAflt.sys: 7a0.a28: CreationTime: 2015-04-21T15:28:16.000000000Z 7a0.a28: LastWriteTime: 2015-04-21T15:28:16.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.001957900Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x27f10 7a0.a28: NT Headers: 0x108 7a0.a28: Timestamp: 0x55366bfd 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x55366bfd 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x2b000 (176128) 7a0.a28: Resource Dir: 0x29000 LB 0x398 7a0.a28: ProductName: Cloud Antivirus Platform 7a0.a28: ProductVersion: 4,0,0,760 7a0.a28: FileVersion: 4,0,0,760 built by: WinDDK 7a0.a28: FileDescription: PSINAflt Filter Driver for Vista64 7a0.a28: \SystemRoot\System32\drivers\PSINFile.sys: 7a0.a28: CreationTime: 2015-02-25T19:03:23.000000000Z 7a0.a28: LastWriteTime: 2015-02-25T19:03:23.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.017559000Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x1db10 7a0.a28: NT Headers: 0x100 7a0.a28: Timestamp: 0x54ee18a3 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54ee18a3 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x20000 (131072) 7a0.a28: Resource Dir: 0x1e000 LB 0x398 7a0.a28: ProductName: Cloud Antivirus Platform 7a0.a28: ProductVersion: 4,0,0,761 7a0.a28: FileVersion: 4,0,0,761 built by: WinDDK 7a0.a28: FileDescription: PSINFile Filter Driver for Vista64 7a0.a28: \SystemRoot\System32\drivers\PSINKNC.sys: 7a0.a28: CreationTime: 2015-02-25T19:03:24.000000000Z 7a0.a28: LastWriteTime: 2015-02-25T19:03:24.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.048806500Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x30310 7a0.a28: NT Headers: 0x108 7a0.a28: Timestamp: 0x54ee1824 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54ee1824 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x35000 (217088) 7a0.a28: Resource Dir: 0x33000 LB 0x390 7a0.a28: ProductName: Cloud Antivirus Platform 7a0.a28: ProductVersion: 4,0,0,767 7a0.a28: FileVersion: 4,0,0,767 built by: WinDDK 7a0.a28: FileDescription: PSINKNC Kernel Controller for Vista64 7a0.a28: \SystemRoot\System32\drivers\PSINProc.sys: 7a0.a28: CreationTime: 2015-02-25T19:03:24.000000000Z 7a0.a28: LastWriteTime: 2015-02-25T19:03:24.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.080058600Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x1e510 7a0.a28: NT Headers: 0x100 7a0.a28: Timestamp: 0x54ee1920 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54ee1920 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x21000 (135168) 7a0.a28: Resource Dir: 0x1f000 LB 0x398 7a0.a28: ProductName: Cloud Antivirus Platform 7a0.a28: ProductVersion: 4,0,0,753 7a0.a28: FileVersion: 4,0,0,753 built by: WinDDK 7a0.a28: FileDescription: PSINProc Filter Driver for Vista64 7a0.a28: \SystemRoot\System32\drivers\PSINProt.sys: 7a0.a28: CreationTime: 2015-02-25T19:03:24.000000000Z 7a0.a28: LastWriteTime: 2015-02-25T19:03:24.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.111307600Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x20b10 7a0.a28: NT Headers: 0x100 7a0.a28: Timestamp: 0x54ee195f 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54ee195f 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x24000 (147456) 7a0.a28: Resource Dir: 0x22000 LB 0x378 7a0.a28: ProductName: Cloud Antivirus Platform 7a0.a28: ProductVersion: 4,0,0,750 7a0.a28: FileVersion: 4,0,0,750 built by: WinDDK 7a0.a28: FileDescription: PSINProt for Vista64 7a0.a28: \SystemRoot\System32\drivers\PSINReg.sys: 7a0.a28: CreationTime: 2015-02-25T19:03:25.000000000Z 7a0.a28: LastWriteTime: 2015-02-25T19:03:25.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:57.131951100Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x1a510 7a0.a28: NT Headers: 0x100 7a0.a28: Timestamp: 0x54ee18e1 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54ee18e1 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x1e000 (122880) 7a0.a28: Resource Dir: 0x1c000 LB 0x380 7a0.a28: ProductName: Cloud Antivirus Platform 7a0.a28: ProductVersion: 4.0.0.2 7a0.a28: FileVersion: 4.0.0.2 built by: WinDDK 7a0.a28: FileDescription: PSINReg Filter Driver for Vista64 7a0.a28: \SystemRoot\System32\drivers\PSKMAD.sys: 7a0.a28: CreationTime: 2015-11-12T10:48:41.997858600Z 7a0.a28: LastWriteTime: 2015-01-29T17:21:35.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:55.540799400Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0xf110 7a0.a28: NT Headers: 0xe8 7a0.a28: Timestamp: 0x54ca6987 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54ca6987 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x11000 (69632) 7a0.a28: Resource Dir: 0xf000 LB 0x368 7a0.a28: ProductName: Panda Technologies 7a0.a28: ProductVersion: 1.0.0.3500 7a0.a28: FileVersion: 1.0.0.14 7a0.a28: FileDescription: Panda Kernel Memory Access Driver (x64) 7a0.a28: \SystemRoot\System32\drivers\NNSAlpc.sys: 7a0.a28: CreationTime: 2015-02-09T21:13:41.000000000Z 7a0.a28: LastWriteTime: 2015-02-09T21:13:41.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.126931300Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x16f10 7a0.a28: NT Headers: 0xf8 7a0.a28: Timestamp: 0x54d8e34d 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54d8e34d 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x1b000 (110592) 7a0.a28: Resource Dir: 0x19000 LB 0x388 7a0.a28: ProductName: Nano Network Security 7a0.a28: ProductVersion: 3.1.0.343 7a0.a28: FileVersion: 1.0.0.214 built by: WinDDK 7a0.a28: FileDescription: Application Layer Protocol Colorizer 7a0.a28: \SystemRoot\System32\drivers\NNSHttp.sys: 7a0.a28: CreationTime: 2015-02-09T21:13:42.000000000Z 7a0.a28: LastWriteTime: 2015-02-09T21:13:42.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.173807600Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x31510 7a0.a28: NT Headers: 0x100 7a0.a28: Timestamp: 0x54d8f09c 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54d8f09c 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x37000 (225280) 7a0.a28: Resource Dir: 0x35000 LB 0x358 7a0.a28: ProductName: Nano Network Security 7a0.a28: ProductVersion: 3.1.0.343 7a0.a28: FileVersion: 1.3.0.224 built by: WinDDK 7a0.a28: FileDescription: Http Parser 7a0.a28: \SystemRoot\System32\drivers\NNShttps.sys: 7a0.a28: CreationTime: 2015-02-09T21:13:42.000000000Z 7a0.a28: LastWriteTime: 2015-02-09T21:13:42.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.205059100Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x1b110 7a0.a28: NT Headers: 0xf0 7a0.a28: Timestamp: 0x54d8f8c0 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54d8f8c0 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x21000 (135168) 7a0.a28: Resource Dir: 0x1f000 LB 0x360 7a0.a28: ProductName: Nano Network Security 7a0.a28: ProductVersion: 3.1.0.343 7a0.a28: FileVersion: 1.2.0.60 built by: WinDDK 7a0.a28: FileDescription: Https Parser 7a0.a28: \SystemRoot\System32\drivers\NNSIds.sys: 7a0.a28: CreationTime: 2015-02-09T21:13:42.000000000Z 7a0.a28: LastWriteTime: 2015-02-09T21:13:42.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.220682900Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x1c710 7a0.a28: NT Headers: 0x100 7a0.a28: Timestamp: 0x54d8f3ce 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54d8f3ce 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x28000 (163840) 7a0.a28: Resource Dir: 0x26000 LB 0x378 7a0.a28: ProductName: Nano Network Security 7a0.a28: ProductVersion: 3.1.0.343 7a0.a28: FileVersion: 1.0.0.213 built by: WinDDK 7a0.a28: FileDescription: Intrusion Detection System 7a0.a28: \SystemRoot\System32\drivers\NNSNAHSL.sys: 7a0.a28: CreationTime: 2014-12-31T11:39:32.000000000Z 7a0.a28: LastWriteTime: 2014-12-31T11:39:32.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:49:15.612052100Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0xc310 7a0.a28: NT Headers: 0xe8 7a0.a28: Timestamp: 0x54a3dc8d 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54a3dc8d 7a0.a28: Image Version: 6.2 7a0.a28: SizeOfImage: 0xf000 (61440) 7a0.a28: Resource Dir: 0xd000 LB 0x368 7a0.a28: ProductName: Nano Network Security 7a0.a28: ProductVersion: 3.1.0.342 7a0.a28: FileVersion: 4.1.0.47 7a0.a28: FileDescription: Network Activity Hook Server LWF 7a0.a28: \SystemRoot\System32\drivers\NNSpicc.sys: 7a0.a28: CreationTime: 2015-02-09T21:13:43.000000000Z 7a0.a28: LastWriteTime: 2015-02-09T21:13:43.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.394967100Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x18510 7a0.a28: NT Headers: 0xf8 7a0.a28: Timestamp: 0x54d8f13f 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54d8f13f 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x1f000 (126976) 7a0.a28: Resource Dir: 0x1d000 LB 0x378 7a0.a28: ProductName: Nano Network Security 7a0.a28: ProductVersion: 3.1.0.343 7a0.a28: FileVersion: 1.0.0.210 built by: WinDDK 7a0.a28: FileDescription: Process Info Colorizer Client 7a0.a28: \SystemRoot\System32\drivers\NNSPihsw.sys: 7a0.a28: CreationTime: 2015-02-09T21:13:44.000000000Z 7a0.a28: LastWriteTime: 2015-02-09T21:13:44.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.220682900Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x11110 7a0.a28: NT Headers: 0x100 7a0.a28: Timestamp: 0x54d8f80c 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54d8f80c 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x17000 (94208) 7a0.a28: Resource Dir: 0x15000 LB 0x380 7a0.a28: ProductName: Nano Network Security 7a0.a28: ProductVersion: 3.1.0.343 7a0.a28: FileVersion: 1.0.0.87 built by: WinDDK 7a0.a28: FileDescription: Process Info Hook Server WFP 7a0.a28: \SystemRoot\System32\drivers\NNSPop3.sys: 7a0.a28: CreationTime: 2015-02-09T21:13:44.000000000Z 7a0.a28: LastWriteTime: 2015-02-09T21:13:44.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.280977700Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x1e510 7a0.a28: NT Headers: 0x100 7a0.a28: Timestamp: 0x54d8f563 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54d8f563 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x25000 (151552) 7a0.a28: Resource Dir: 0x23000 LB 0x358 7a0.a28: ProductName: Nano Network Security 7a0.a28: ProductVersion: 3.1.0.343 7a0.a28: FileVersion: 1.3.0.198 built by: WinDDK 7a0.a28: FileDescription: Pop3 Parser 7a0.a28: \SystemRoot\System32\drivers\NNSProt.sys: 7a0.a28: CreationTime: 2015-02-09T21:13:45.000000000Z 7a0.a28: LastWriteTime: 2015-02-09T21:13:45.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.332468600Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x49310 7a0.a28: NT Headers: 0x100 7a0.a28: Timestamp: 0x54d8f21b 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54d8f21b 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x50000 (327680) 7a0.a28: Resource Dir: 0x4e000 LB 0x360 7a0.a28: ProductName: Nano Network Security 7a0.a28: ProductVersion: 3.1.0.343 7a0.a28: FileVersion: 5.0.0.218 built by: WinDDK 7a0.a28: FileDescription: Network Protector 7a0.a28: \SystemRoot\System32\drivers\NNSPrv.sys: 7a0.a28: CreationTime: 2015-02-09T21:13:45.000000000Z 7a0.a28: LastWriteTime: 2015-02-09T21:13:45.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.332468600Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x28910 7a0.a28: NT Headers: 0xf8 7a0.a28: Timestamp: 0x54d8e1d1 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54d8e1d1 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x47000 (290816) 7a0.a28: Resource Dir: 0x45000 LB 0x360 7a0.a28: ProductName: Nano Network Security 7a0.a28: ProductVersion: 3.1.0.343 7a0.a28: FileVersion: 3.2.0.221 built by: WinDDK 7a0.a28: FileDescription: Network Provider 7a0.a28: \SystemRoot\System32\drivers\NNSSmtp.sys: 7a0.a28: CreationTime: 2015-02-09T21:13:46.000000000Z 7a0.a28: LastWriteTime: 2015-02-09T21:13:46.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.348091800Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x1bb10 7a0.a28: NT Headers: 0x100 7a0.a28: Timestamp: 0x54d8f781 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54d8f781 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x20000 (131072) 7a0.a28: Resource Dir: 0x1e000 LB 0x358 7a0.a28: ProductName: Nano Network Security 7a0.a28: ProductVersion: 3.1.0.343 7a0.a28: FileVersion: 1.1.0.128 built by: WinDDK 7a0.a28: FileDescription: Smtp Parser 7a0.a28: \SystemRoot\System32\drivers\NNSStrm.sys: 7a0.a28: CreationTime: 2015-02-09T21:13:46.000000000Z 7a0.a28: LastWriteTime: 2015-02-09T21:13:46.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.379346400Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x3ed10 7a0.a28: NT Headers: 0xf8 7a0.a28: Timestamp: 0x54d8e511 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54d8e511 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x45000 (282624) 7a0.a28: Resource Dir: 0x43000 LB 0x350 7a0.a28: ProductName: Nano Network Security 7a0.a28: ProductVersion: 3.1.0.343 7a0.a28: FileVersion: 1.3.0.227 built by: WinDDK 7a0.a28: FileDescription: Streamer 7a0.a28: \SystemRoot\System32\drivers\NNStlsc.sys: 7a0.a28: CreationTime: 2015-02-09T21:13:47.000000000Z 7a0.a28: LastWriteTime: 2015-02-09T21:13:47.000000000Z 7a0.a28: ChangeTime: 2015-05-09T18:45:56.410595400Z 7a0.a28: FileAttributes: 0x20 7a0.a28: Size: 0x19f10 7a0.a28: NT Headers: 0xf8 7a0.a28: Timestamp: 0x54d8e401 7a0.a28: Machine: 0x8664 - amd64 7a0.a28: Timestamp: 0x54d8e401 7a0.a28: Image Version: 6.1 7a0.a28: SizeOfImage: 0x1e000 (122880) 7a0.a28: Resource Dir: 0x1c000 LB 0x380 7a0.a28: ProductName: Nano Network Security 7a0.a28: ProductVersion: 3.1.0.343 7a0.a28: FileVersion: 1.2.0.218 built by: WinDDK 7a0.a28: FileDescription: Transport Layer Session Colorizer 7a0.a28: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 7a0.a28: Calling main() 7a0.a28: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 7a0.a28: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 7a0.a28: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 7a0.a28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe) 7a0.a28: SUPR3HardenedMain: Respawn #2 7a0.a28: supR3HardNtEnableThreadCreation: 7a0.a28: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff958078ec0 pvNtTerminateThread=00007ff9580f1700 7a0.a28: supR3HardenedWinDoReSpawn(2): New child 9c4.12c [kernel32]. 7a0.a28: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless) 7a0.a28: supR3HardNtChildGatherData: PebBaseAddress=00007ff6a04d7000 cbPeb=0x388 7a0.a28: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff958060000 uNtDllChildAddr=00007ff958060000 7a0.a28: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff958078ec0 7a0.a28: supR3HardenedWinSetupChildInit: Start child. 7a0.a28: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. 7a0.a28: supR3HardNtChildPurify: Startup delay kludge #1/0: 516 ms, 33 sleeps 7a0.a28: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 7a0.a28: *0000000000000000-ffffffffff28ffff 0x0001/0x0000 0x0000000 7a0.a28: *0000000000d70000-0000000000d4ffff 0x0004/0x0004 0x0020000 7a0.a28: *0000000000d90000-0000000000d80fff 0x0002/0x0002 0x0040000 7a0.a28: 0000000000d9f000-0000000000d9dfff 0x0001/0x0000 0x0000000 7a0.a28: *0000000000da0000-0000000000ca3fff 0x0000/0x0004 0x0020000 7a0.a28: 0000000000e9c000-0000000000e98fff 0x0104/0x0004 0x0020000 7a0.a28: 0000000000e9f000-0000000000e9dfff 0x0004/0x0004 0x0020000 7a0.a28: *0000000000ea0000-0000000000e9bfff 0x0002/0x0002 0x0040000 7a0.a28: 0000000000ea4000-0000000000e97fff 0x0001/0x0000 0x0000000 7a0.a28: *0000000000eb0000-0000000000eadfff 0x0004/0x0004 0x0020000 7a0.a28: 0000000000eb2000-ffffffff81d83fff 0x0001/0x0000 0x0000000 7a0.a28: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000 7a0.a28: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000 7a0.a28: 000000007fff0000-ffff800a5fb2ffff 0x0001/0x0000 0x0000000 7a0.a28: *00007ff6a04b0000-00007ff6a048cfff 0x0002/0x0002 0x0040000 7a0.a28: 00007ff6a04d3000-00007ff6a04cefff 0x0001/0x0000 0x0000000 7a0.a28: *00007ff6a04d7000-00007ff6a04d5fff 0x0004/0x0004 0x0020000 7a0.a28: 00007ff6a04d8000-00007ff6a04d1fff 0x0001/0x0000 0x0000000 7a0.a28: *00007ff6a04de000-00007ff6a04dbfff 0x0004/0x0004 0x0020000 7a0.a28: 00007ff6a04e0000-00007ff69f8affff 0x0001/0x0000 0x0000000 7a0.a28: *00007ff6a1110000-00007ff6a1110fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 7a0.a28: 00007ff6a1111000-00007ff6a1196fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 7a0.a28: 00007ff6a1197000-00007ff6a1197fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 7a0.a28: 00007ff6a1198000-00007ff6a11e1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 7a0.a28: 00007ff6a11e2000-00007ff6a11e2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 7a0.a28: 00007ff6a11e3000-00007ff6a11e3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 7a0.a28: 00007ff6a11e4000-00007ff6a11e5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 7a0.a28: 00007ff6a11e6000-00007ff6a11e6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 7a0.a28: 00007ff6a11e7000-00007ff6a11e7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 7a0.a28: 00007ff6a11e8000-00007ff6a11ebfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 7a0.a28: 00007ff6a11ec000-00007ff6a1235fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 7a0.a28: 00007ff6a1236000-00007ff3ea40bfff 0x0001/0x0000 0x0000000 7a0.a28: *00007ff958060000-00007ff958060fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 7a0.a28: 00007ff958061000-00007ff95818cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 7a0.a28: 00007ff95818d000-00007ff958192fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 7a0.a28: 00007ff958193000-00007ff95819ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 7a0.a28: 00007ff9581a0000-00007ff9581a0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 7a0.a28: 00007ff9581a1000-00007ff9581a3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 7a0.a28: 00007ff9581a4000-00007ff9581a4fff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 7a0.a28: 00007ff9581a5000-00007ff95820bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll 7a0.a28: 00007ff95820c000-00007ff2b0437fff 0x0001/0x0000 0x0000000 7a0.a28: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000 7a0.a28: VirtualBox.exe: timestamp 0x559e485f (rc=VINF_SUCCESS) 7a0.a28: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 7a0.a28: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports 7a0.a28: supR3HardNtChildPurify: Done after 594 ms and 0 fixes (loop #0). 9c4.12c: Log file opened: 5.0.0r101573 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x63258000 9c4.12c: supR3HardenedVmProcessInit: uNtDllAddr=00007ff958060000 7a0.a28: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000fb0000 LB 0x400000) 7a0.a28: supR3HardNtEnableThreadCreation: 9c4.12c: ntdll.dll: timestamp 0x55c4c16b (rc=VINF_SUCCESS) 9c4.12c: New simple heap: #1 0000000000fc0000 LB 0x400000 (for 1753088 allocation) 9c4.12c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 9c4.12c: System32: \Device\HarddiskVolume4\Windows\System32 9c4.12c: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS 9c4.12c: KnownDllPath: C:\Windows\system32 9c4.12c: supR3HardenedVmProcessInit: Opening vboxdrv... 9c4.12c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk... 9c4.12c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk... 9c4.12c: Registered Dll notification callback with NTDLL. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801: [calling] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff955460000 LB 0x00115000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0] 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff957940000 LB 0x0013e000 C:\Windows\system32\KERNEL32.DLL [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff957940000 'C:\Windows\system32\KERNEL32.DLL' 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff6a1110000 LB 0x00126000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0] 9c4.12c: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe 9c4.12c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff958078ec0 pvNtTerminateThread=00007ff9580f1700 7a0.a28: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 141 ms. 9c4.12c: \SystemRoot\System32\ntdll.dll: 9c4.12c: CreationTime: 2015-10-14T13:13:36.775344700Z 9c4.12c: LastWriteTime: 2015-08-07T21:40:29.476583000Z 9c4.12c: ChangeTime: 2015-11-11T09:56:13.483088800Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x1a7f48 9c4.12c: NT Headers: 0xd8 9c4.12c: Timestamp: 0x55c4c16b 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x55c4c16b 9c4.12c: Image Version: 6.3 9c4.12c: SizeOfImage: 0x1ac000 (1753088) 9c4.12c: Resource Dir: 0x148000 LB 0x62450 9c4.12c: ProductName: Microsoft® Windows® Operating System 9c4.12c: ProductVersion: 6.3.9600.18007 9c4.12c: FileVersion: 6.3.9600.18007 (winblue_ltsb.150807-0612) 9c4.12c: FileDescription: NT Layer DLL 9c4.12c: \SystemRoot\System32\kernel32.dll: 9c4.12c: CreationTime: 2015-04-22T13:18:45.398909300Z 9c4.12c: LastWriteTime: 2014-10-29T04:09:24.572407200Z 9c4.12c: ChangeTime: 2015-10-16T09:47:32.906482100Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x13fc30 9c4.12c: NT Headers: 0xf8 9c4.12c: Timestamp: 0x545054ca 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x545054ca 9c4.12c: Image Version: 6.3 9c4.12c: SizeOfImage: 0x13e000 (1302528) 9c4.12c: Resource Dir: 0x12e000 LB 0x518 9c4.12c: ProductName: Microsoft® Windows® Operating System 9c4.12c: ProductVersion: 6.3.9600.17415 9c4.12c: FileVersion: 6.3.9600.17415 (winblue_r4.141028-1500) 9c4.12c: FileDescription: Windows NT BASE API Client DLL 9c4.12c: \SystemRoot\System32\KernelBase.dll: 9c4.12c: CreationTime: 2015-10-14T13:13:45.459415500Z 9c4.12c: LastWriteTime: 2015-08-07T21:40:29.476583000Z 9c4.12c: ChangeTime: 2015-10-16T09:47:33.484608100Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x1150a0 9c4.12c: NT Headers: 0xf0 9c4.12c: Timestamp: 0x55c4c341 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x55c4c341 9c4.12c: Image Version: 6.3 9c4.12c: SizeOfImage: 0x115000 (1134592) 9c4.12c: Resource Dir: 0x110000 LB 0x3530 9c4.12c: ProductName: Microsoft® Windows® Operating System 9c4.12c: ProductVersion: 6.3.9600.18007 9c4.12c: FileVersion: 6.3.9600.18007 (winblue_ltsb.150807-0612) 9c4.12c: FileDescription: Windows NT BASE API Client DLL 9c4.12c: \SystemRoot\System32\apisetschema.dll: 9c4.12c: CreationTime: 2013-08-22T12:13:09.745625900Z 9c4.12c: LastWriteTime: 2013-08-22T12:35:12.091034400Z 9c4.12c: ChangeTime: 2014-05-07T07:41:10.708341000Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x11360 9c4.12c: NT Headers: 0xd0 9c4.12c: Timestamp: 0x52160049 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x52160049 9c4.12c: Image Version: 6.3 9c4.12c: SizeOfImage: 0x13000 (77824) 9c4.12c: Resource Dir: 0x11000 LB 0x3f8 9c4.12c: ProductName: Microsoft® Windows® Operating System 9c4.12c: ProductVersion: 6.3.9600.16384 9c4.12c: FileVersion: 6.3.9600.16384 (winblue_rtm.130821-1623) 9c4.12c: FileDescription: ApiSet Schema DLL 9c4.12c: NtOpenDirectoryObject failed on \Driver: 0xc0000022 9c4.12c: supR3HardenedWinFindAdversaries: 0x200 9c4.12c: \SystemRoot\System32\drivers\PSINAflt.sys: 9c4.12c: CreationTime: 2015-04-21T15:28:16.000000000Z 9c4.12c: LastWriteTime: 2015-04-21T15:28:16.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.001957900Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x27f10 9c4.12c: NT Headers: 0x108 9c4.12c: Timestamp: 0x55366bfd 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x55366bfd 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x2b000 (176128) 9c4.12c: Resource Dir: 0x29000 LB 0x398 9c4.12c: ProductName: Cloud Antivirus Platform 9c4.12c: ProductVersion: 4,0,0,760 9c4.12c: FileVersion: 4,0,0,760 built by: WinDDK 9c4.12c: FileDescription: PSINAflt Filter Driver for Vista64 9c4.12c: \SystemRoot\System32\drivers\PSINFile.sys: 9c4.12c: CreationTime: 2015-02-25T19:03:23.000000000Z 9c4.12c: LastWriteTime: 2015-02-25T19:03:23.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.017559000Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x1db10 9c4.12c: NT Headers: 0x100 9c4.12c: Timestamp: 0x54ee18a3 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54ee18a3 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x20000 (131072) 9c4.12c: Resource Dir: 0x1e000 LB 0x398 9c4.12c: ProductName: Cloud Antivirus Platform 9c4.12c: ProductVersion: 4,0,0,761 9c4.12c: FileVersion: 4,0,0,761 built by: WinDDK 9c4.12c: FileDescription: PSINFile Filter Driver for Vista64 9c4.12c: \SystemRoot\System32\drivers\PSINKNC.sys: 9c4.12c: CreationTime: 2015-02-25T19:03:24.000000000Z 9c4.12c: LastWriteTime: 2015-02-25T19:03:24.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.048806500Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x30310 9c4.12c: NT Headers: 0x108 9c4.12c: Timestamp: 0x54ee1824 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54ee1824 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x35000 (217088) 9c4.12c: Resource Dir: 0x33000 LB 0x390 9c4.12c: ProductName: Cloud Antivirus Platform 9c4.12c: ProductVersion: 4,0,0,767 9c4.12c: FileVersion: 4,0,0,767 built by: WinDDK 9c4.12c: FileDescription: PSINKNC Kernel Controller for Vista64 9c4.12c: \SystemRoot\System32\drivers\PSINProc.sys: 9c4.12c: CreationTime: 2015-02-25T19:03:24.000000000Z 9c4.12c: LastWriteTime: 2015-02-25T19:03:24.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.080058600Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x1e510 9c4.12c: NT Headers: 0x100 9c4.12c: Timestamp: 0x54ee1920 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54ee1920 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x21000 (135168) 9c4.12c: Resource Dir: 0x1f000 LB 0x398 9c4.12c: ProductName: Cloud Antivirus Platform 9c4.12c: ProductVersion: 4,0,0,753 9c4.12c: FileVersion: 4,0,0,753 built by: WinDDK 9c4.12c: FileDescription: PSINProc Filter Driver for Vista64 9c4.12c: \SystemRoot\System32\drivers\PSINProt.sys: 9c4.12c: CreationTime: 2015-02-25T19:03:24.000000000Z 9c4.12c: LastWriteTime: 2015-02-25T19:03:24.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.111307600Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x20b10 9c4.12c: NT Headers: 0x100 9c4.12c: Timestamp: 0x54ee195f 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54ee195f 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x24000 (147456) 9c4.12c: Resource Dir: 0x22000 LB 0x378 9c4.12c: ProductName: Cloud Antivirus Platform 9c4.12c: ProductVersion: 4,0,0,750 9c4.12c: FileVersion: 4,0,0,750 built by: WinDDK 9c4.12c: FileDescription: PSINProt for Vista64 9c4.12c: \SystemRoot\System32\drivers\PSINReg.sys: 9c4.12c: CreationTime: 2015-02-25T19:03:25.000000000Z 9c4.12c: LastWriteTime: 2015-02-25T19:03:25.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:57.131951100Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x1a510 9c4.12c: NT Headers: 0x100 9c4.12c: Timestamp: 0x54ee18e1 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54ee18e1 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x1e000 (122880) 9c4.12c: Resource Dir: 0x1c000 LB 0x380 9c4.12c: ProductName: Cloud Antivirus Platform 9c4.12c: ProductVersion: 4.0.0.2 9c4.12c: FileVersion: 4.0.0.2 built by: WinDDK 9c4.12c: FileDescription: PSINReg Filter Driver for Vista64 9c4.12c: \SystemRoot\System32\drivers\PSKMAD.sys: 9c4.12c: CreationTime: 2015-11-12T10:48:41.997858600Z 9c4.12c: LastWriteTime: 2015-01-29T17:21:35.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:55.540799400Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0xf110 9c4.12c: NT Headers: 0xe8 9c4.12c: Timestamp: 0x54ca6987 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54ca6987 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x11000 (69632) 9c4.12c: Resource Dir: 0xf000 LB 0x368 9c4.12c: ProductName: Panda Technologies 9c4.12c: ProductVersion: 1.0.0.3500 9c4.12c: FileVersion: 1.0.0.14 9c4.12c: FileDescription: Panda Kernel Memory Access Driver (x64) 9c4.12c: \SystemRoot\System32\drivers\NNSAlpc.sys: 9c4.12c: CreationTime: 2015-02-09T21:13:41.000000000Z 9c4.12c: LastWriteTime: 2015-02-09T21:13:41.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.126931300Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x16f10 9c4.12c: NT Headers: 0xf8 9c4.12c: Timestamp: 0x54d8e34d 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54d8e34d 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x1b000 (110592) 9c4.12c: Resource Dir: 0x19000 LB 0x388 9c4.12c: ProductName: Nano Network Security 9c4.12c: ProductVersion: 3.1.0.343 9c4.12c: FileVersion: 1.0.0.214 built by: WinDDK 9c4.12c: FileDescription: Application Layer Protocol Colorizer 9c4.12c: \SystemRoot\System32\drivers\NNSHttp.sys: 9c4.12c: CreationTime: 2015-02-09T21:13:42.000000000Z 9c4.12c: LastWriteTime: 2015-02-09T21:13:42.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.173807600Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x31510 9c4.12c: NT Headers: 0x100 9c4.12c: Timestamp: 0x54d8f09c 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54d8f09c 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x37000 (225280) 9c4.12c: Resource Dir: 0x35000 LB 0x358 9c4.12c: ProductName: Nano Network Security 9c4.12c: ProductVersion: 3.1.0.343 9c4.12c: FileVersion: 1.3.0.224 built by: WinDDK 9c4.12c: FileDescription: Http Parser 9c4.12c: \SystemRoot\System32\drivers\NNShttps.sys: 9c4.12c: CreationTime: 2015-02-09T21:13:42.000000000Z 9c4.12c: LastWriteTime: 2015-02-09T21:13:42.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.205059100Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x1b110 9c4.12c: NT Headers: 0xf0 9c4.12c: Timestamp: 0x54d8f8c0 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54d8f8c0 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x21000 (135168) 9c4.12c: Resource Dir: 0x1f000 LB 0x360 9c4.12c: ProductName: Nano Network Security 9c4.12c: ProductVersion: 3.1.0.343 9c4.12c: FileVersion: 1.2.0.60 built by: WinDDK 9c4.12c: FileDescription: Https Parser 9c4.12c: \SystemRoot\System32\drivers\NNSIds.sys: 9c4.12c: CreationTime: 2015-02-09T21:13:42.000000000Z 9c4.12c: LastWriteTime: 2015-02-09T21:13:42.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.220682900Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x1c710 9c4.12c: NT Headers: 0x100 9c4.12c: Timestamp: 0x54d8f3ce 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54d8f3ce 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x28000 (163840) 9c4.12c: Resource Dir: 0x26000 LB 0x378 9c4.12c: ProductName: Nano Network Security 9c4.12c: ProductVersion: 3.1.0.343 9c4.12c: FileVersion: 1.0.0.213 built by: WinDDK 9c4.12c: FileDescription: Intrusion Detection System 9c4.12c: \SystemRoot\System32\drivers\NNSNAHSL.sys: 9c4.12c: CreationTime: 2014-12-31T11:39:32.000000000Z 9c4.12c: LastWriteTime: 2014-12-31T11:39:32.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:49:15.612052100Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0xc310 9c4.12c: NT Headers: 0xe8 9c4.12c: Timestamp: 0x54a3dc8d 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54a3dc8d 9c4.12c: Image Version: 6.2 9c4.12c: SizeOfImage: 0xf000 (61440) 9c4.12c: Resource Dir: 0xd000 LB 0x368 9c4.12c: ProductName: Nano Network Security 9c4.12c: ProductVersion: 3.1.0.342 9c4.12c: FileVersion: 4.1.0.47 9c4.12c: FileDescription: Network Activity Hook Server LWF 9c4.12c: \SystemRoot\System32\drivers\NNSpicc.sys: 9c4.12c: CreationTime: 2015-02-09T21:13:43.000000000Z 9c4.12c: LastWriteTime: 2015-02-09T21:13:43.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.394967100Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x18510 9c4.12c: NT Headers: 0xf8 9c4.12c: Timestamp: 0x54d8f13f 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54d8f13f 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x1f000 (126976) 9c4.12c: Resource Dir: 0x1d000 LB 0x378 9c4.12c: ProductName: Nano Network Security 9c4.12c: ProductVersion: 3.1.0.343 9c4.12c: FileVersion: 1.0.0.210 built by: WinDDK 9c4.12c: FileDescription: Process Info Colorizer Client 9c4.12c: \SystemRoot\System32\drivers\NNSPihsw.sys: 9c4.12c: CreationTime: 2015-02-09T21:13:44.000000000Z 9c4.12c: LastWriteTime: 2015-02-09T21:13:44.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.220682900Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x11110 9c4.12c: NT Headers: 0x100 9c4.12c: Timestamp: 0x54d8f80c 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54d8f80c 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x17000 (94208) 9c4.12c: Resource Dir: 0x15000 LB 0x380 9c4.12c: ProductName: Nano Network Security 9c4.12c: ProductVersion: 3.1.0.343 9c4.12c: FileVersion: 1.0.0.87 built by: WinDDK 9c4.12c: FileDescription: Process Info Hook Server WFP 9c4.12c: \SystemRoot\System32\drivers\NNSPop3.sys: 9c4.12c: CreationTime: 2015-02-09T21:13:44.000000000Z 9c4.12c: LastWriteTime: 2015-02-09T21:13:44.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.280977700Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x1e510 9c4.12c: NT Headers: 0x100 9c4.12c: Timestamp: 0x54d8f563 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54d8f563 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x25000 (151552) 9c4.12c: Resource Dir: 0x23000 LB 0x358 9c4.12c: ProductName: Nano Network Security 9c4.12c: ProductVersion: 3.1.0.343 9c4.12c: FileVersion: 1.3.0.198 built by: WinDDK 9c4.12c: FileDescription: Pop3 Parser 9c4.12c: \SystemRoot\System32\drivers\NNSProt.sys: 9c4.12c: CreationTime: 2015-02-09T21:13:45.000000000Z 9c4.12c: LastWriteTime: 2015-02-09T21:13:45.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.332468600Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x49310 9c4.12c: NT Headers: 0x100 9c4.12c: Timestamp: 0x54d8f21b 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54d8f21b 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x50000 (327680) 9c4.12c: Resource Dir: 0x4e000 LB 0x360 9c4.12c: ProductName: Nano Network Security 9c4.12c: ProductVersion: 3.1.0.343 9c4.12c: FileVersion: 5.0.0.218 built by: WinDDK 9c4.12c: FileDescription: Network Protector 9c4.12c: \SystemRoot\System32\drivers\NNSPrv.sys: 9c4.12c: CreationTime: 2015-02-09T21:13:45.000000000Z 9c4.12c: LastWriteTime: 2015-02-09T21:13:45.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.332468600Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x28910 9c4.12c: NT Headers: 0xf8 9c4.12c: Timestamp: 0x54d8e1d1 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54d8e1d1 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x47000 (290816) 9c4.12c: Resource Dir: 0x45000 LB 0x360 9c4.12c: ProductName: Nano Network Security 9c4.12c: ProductVersion: 3.1.0.343 9c4.12c: FileVersion: 3.2.0.221 built by: WinDDK 9c4.12c: FileDescription: Network Provider 9c4.12c: \SystemRoot\System32\drivers\NNSSmtp.sys: 9c4.12c: CreationTime: 2015-02-09T21:13:46.000000000Z 9c4.12c: LastWriteTime: 2015-02-09T21:13:46.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.348091800Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x1bb10 9c4.12c: NT Headers: 0x100 9c4.12c: Timestamp: 0x54d8f781 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54d8f781 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x20000 (131072) 9c4.12c: Resource Dir: 0x1e000 LB 0x358 9c4.12c: ProductName: Nano Network Security 9c4.12c: ProductVersion: 3.1.0.343 9c4.12c: FileVersion: 1.1.0.128 built by: WinDDK 9c4.12c: FileDescription: Smtp Parser 9c4.12c: \SystemRoot\System32\drivers\NNSStrm.sys: 9c4.12c: CreationTime: 2015-02-09T21:13:46.000000000Z 9c4.12c: LastWriteTime: 2015-02-09T21:13:46.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.379346400Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x3ed10 9c4.12c: NT Headers: 0xf8 9c4.12c: Timestamp: 0x54d8e511 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54d8e511 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x45000 (282624) 9c4.12c: Resource Dir: 0x43000 LB 0x350 9c4.12c: ProductName: Nano Network Security 9c4.12c: ProductVersion: 3.1.0.343 9c4.12c: FileVersion: 1.3.0.227 built by: WinDDK 9c4.12c: FileDescription: Streamer 9c4.12c: \SystemRoot\System32\drivers\NNStlsc.sys: 9c4.12c: CreationTime: 2015-02-09T21:13:47.000000000Z 9c4.12c: LastWriteTime: 2015-02-09T21:13:47.000000000Z 9c4.12c: ChangeTime: 2015-05-09T18:45:56.410595400Z 9c4.12c: FileAttributes: 0x20 9c4.12c: Size: 0x19f10 9c4.12c: NT Headers: 0xf8 9c4.12c: Timestamp: 0x54d8e401 9c4.12c: Machine: 0x8664 - amd64 9c4.12c: Timestamp: 0x54d8e401 9c4.12c: Image Version: 6.1 9c4.12c: SizeOfImage: 0x1e000 (122880) 9c4.12c: Resource Dir: 0x1c000 LB 0x380 9c4.12c: ProductName: Nano Network Security 9c4.12c: ProductVersion: 3.1.0.343 9c4.12c: FileVersion: 1.2.0.218 built by: WinDDK 9c4.12c: FileDescription: Transport Layer Session Colorizer 9c4.12c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 9c4.12c: Calling main() 9c4.12c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 9c4.12c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox' 9c4.12c: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe) 9c4.12c: SUPR3HardenedMain: Final process, opening VBoxDrv... 9c4.12c: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000fc0000 LB 0x400000) 9c4.12c: supR3HardNtEnableThreadCreation: 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff9518a0000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9518a0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9518a0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL' 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9518a0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL' 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'crypt32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'msasn1.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wintrust.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wintrust.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008] 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msasn1.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msasn1.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'msasn1.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\crypt32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\crypt32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff956f30000 LB 0x000aa000 C:\Windows\system32\msvcrt.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff955260000 LB 0x00011000 C:\Windows\system32\MSASN1.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff955280000 LB 0x001df000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff957a80000 LB 0x00141000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff955580000 LB 0x00051000 C:\Windows\system32\Wintrust.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff955580000 'C:\Windows\system32\Wintrust.dll' 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff954cd0000 LB 0x00026000 C:\Windows\system32\bcrypt.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff954cd0000 'C:\Windows\system32\bcrypt.dll' 9c4.12c: bcrypt.dll loaded at 00007ff954cd0000, BCryptOpenAlgorithmProvider at 00007ff954cd34a0, preloading providers: 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff955010000 LB 0x00063000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff955010000 'C:\Windows\system32\bcryptprimitives.dll' 9c4.12c: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000000001438b20) 9c4.12c: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000001438f10) 9c4.12c: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000001439030) 9c4.12c: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000001439320) 9c4.12c: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=00000000014395b0) 9c4.12c: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000001439490) 9c4.12c: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000001439fd0) 9c4.12c: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=00000000014396d0) 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff955580000 'C:\Windows\System32\WINTRUST.DLL' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff955580000 'C:\Windows\System32\WINTRUST.DLL' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff955580000 'C:\Windows\System32\WINTRUST.DLL' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff955580000 'C:\Windows\System32\WINTRUST.DLL' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff955580000 'C:\Windows\System32\WINTRUST.DLL' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff955580000 'C:\Windows\System32\WINTRUST.DLL' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff955580000 'C:\Windows\System32\WINTRUST.DLL' 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptsp.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptsp.dll 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff954a80000 LB 0x00020000 C:\Windows\SYSTEM32\CRYPTSP.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptsp.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcrypt.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rsaenh.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rsaenh.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff9546a0000 LB 0x00036000 C:\Windows\system32\rsaenh.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9546a0000 'C:\Windows\system32\rsaenh.dll' 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff955080000 LB 0x0000b000 C:\Windows\SYSTEM32\CRYPTBASE.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff957940000 'C:\Windows\system32\kernel32.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff955580000 'C:\Windows\System32\WINTRUST.DLL' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff955280000 'C:\Windows\system32\CRYPT32.dll' 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff957bd0000 LB 0x00016000 C:\Windows\system32\imagehlp.dll [fFlags=0x0] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imagehlp.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imagehlp.dll 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9546a0000 'C:\Windows\system32\rsaenh.dll' 9c4.12c: supHardenedWinVerifyImageByHandle: -> -22838 (\Device\HarddiskVolume4\Windows\System32\ncrypt.dll) 9c4.12c: Error (rc=0): 9c4.12c: supR3HardenedScreenImage/NtCreateSection: rc=Unknown Status -22838 (0xffffa6ca) fImage=1 fProtect=0xf fAccess=0x10 \Device\HarddiskVolume4\Windows\System32\ncrypt.dll: WinCert.CI.Content.SignedData.SignerInfos.paItems[#].UnauthenticatedAttributes.paItems[#].uValues.pContentInfos.paItems[#].Content.SignedData.ContentInfo.CmsContent.TstInfo.Accuracy.Seconds: Unexpected INTEGER type/flags: 0x0/0x80 (expected 0x2/0x0): \Device\HarddiskVolume4\Windows\System32\ncrypt.dll 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ncrypt.dll 9c4.12c: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x8009200d () on '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' 9c4.12c: Error -22919 in VirtualBox! (enmWhat=1) 9c4.12c: WinVerifyTrust failed on stub executable: WinVerifyTrust failed with hrc=Unknown Status 0x8009200D on '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'user32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmm.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmm.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\comdlg32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comdlg32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleaut32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleaut32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'gdi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'combase.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ole32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ole32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #55 'user32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'shlwapi.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #59 'gdi32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shell32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shell32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'user32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'gdi32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\opengl32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\opengl32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume4\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'user32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'gdi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'dciman32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\ddraw.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ddraw.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\glu32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\glu32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'nsi.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ws2_32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ws2_32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume4\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\winspool.drv) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winspool.drv 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'msctf.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imm32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\comdlg32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume4\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\combase.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\combase.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comctl32.dll' [rcNtRedir=0x0] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\comctl32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comctl32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'devobj.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmmbase.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmmbase.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'cfgmgr32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\devobj.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\devobj.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume4\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'imm32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msctf.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008] 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\nsi.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\nsi.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume4\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\dciman32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dciman32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01: [calling] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ddraw.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_34ae2abd958aedeb\comctl32.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_34ae2abd958aedeb\comctl32.dll 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dciman32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'combase.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\SHCore.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\SHCore.dll 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff957420000 LB 0x00059000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff957480000 LB 0x000aa000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff955750000 LB 0x00177000 C:\Windows\system32\USER32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff957720000 LB 0x0014f000 C:\Windows\system32\GDI32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff949320000 LB 0x00009000 C:\Windows\SYSTEM32\DCIMAN32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dciman32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff946570000 LB 0x000f8000 C:\Windows\SYSTEM32\DDRAW.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ddraw.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff945020000 LB 0x0002e000 C:\Windows\SYSTEM32\GLU32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff945050000 LB 0x0012b000 C:\Windows\SYSTEM32\OPENGL32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 000000005ffe0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 000000005ff40000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff957530000 LB 0x00009000 C:\Windows\system32\NSI.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\nsi.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff9578d0000 LB 0x0005a000 C:\Windows\system32\WS2_32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff92c880000 LB 0x00543000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff957200000 LB 0x00211000 C:\Windows\SYSTEM32\combase.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff957ec0000 LB 0x00194000 C:\Windows\system32\ole32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 000000005fc60000 LB 0x002de000 C:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff956ed0000 LB 0x00054000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff9511b0000 LB 0x000a4000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_34ae2abd958aedeb\COMCTL32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_34ae2abd958aedeb\comctl32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff9558d0000 LB 0x0152b000 C:\Windows\system32\SHELL32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff953720000 LB 0x000b2000 C:\Windows\SYSTEM32\SHCORE.DLL [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff957e00000 LB 0x000b6000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\comdlg32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff956e00000 LB 0x000c1000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff9570a0000 LB 0x00152000 C:\Windows\system32\MSCTF.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff957880000 LB 0x00036000 C:\Windows\system32\IMM32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff9555e0000 LB 0x0004f000 C:\Windows\SYSTEM32\cfgmgr32.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff953fa0000 LB 0x00028000 C:\Windows\SYSTEM32\DEVOBJ.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff950200000 LB 0x0002a000 C:\Windows\SYSTEM32\WINMMBASE.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff950230000 LB 0x00022000 C:\Windows\SYSTEM32\WINMM.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff950360000 LB 0x00082000 C:\Windows\SYSTEM32\WINSPOOL.DRV [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 000000005f2f0000 LB 0x0096c000 C:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 000000005f1e0000 LB 0x00105000 C:\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 000000005f100000 LB 0x000dc000 C:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff92bdd0000 LB 0x00ab0000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92c880000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff957880000 'C:\Windows\system32\imm32.dll' 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92bdd0000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff950230000 'C:\Windows\system32\winmm.dll' 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\uxtheme.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\uxtheme.dll 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 9c4.12c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff953e70000 LB 0x00129000 C:\Windows\system32\uxtheme.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff953e70000 'C:\Windows\system32\uxtheme.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff953e70000 'C:\Windows\system32\uxtheme.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff953e70000 'C:\Windows\system32\uxtheme.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff953e70000 'C:\Windows\system32\uxtheme.dll' 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'user32.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'gdi32.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dwmapi.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dwmapi.dll 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff953520000 LB 0x00021000 C:\Windows\system32\dwmapi.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dwmapi.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'. 9c4.12c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'. 9c4.12c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll) 9c4.12c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll 9c4.12c: supR3HardenedDllNotificationCallback: load 00007ff953ff0000 LB 0x0000b000 C:\Windows\SYSTEM32\kernel.appcore.dll [fFlags=0x0] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.12c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.12c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9558d0000 'C:\Windows\system32\shell32.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff957940000 'C:\Windows\system32\kernel32.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff953e70000 'C:\Windows\system32\uxtheme.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff953e70000 'C:\Windows\system32\uxtheme.dll' 9c4.12c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff955750000 'C:\Windows\system32\user32.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff953e70000 'C:\Windows\system32\uxtheme.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff955750000 'C:\Windows\system32\user32.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff957720000 'C:\Windows\system32\gdi32.dll' 9c4.12c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff955750000 'C:\Windows\system32\user32.dll' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\SYSTEM32\WINMM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff950230000 'C:\Windows\SYSTEM32\WINMM.dll' 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff957ec0000 'C:\Windows\system32\ole32.dll' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff957a80000 'C:\Windows\system32\rpcrt4.dll' 9c4.12c: supR3HardenedMonitor_LdrLoadDll: 'C:\Windows\system32\comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_34ae2abd958aedeb\comctl32.dll' [redir] 9c4.12c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_34ae2abd958aedeb\comctl32.dll [lacks WinVerifyTrust] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_34ae2abd958aedeb\comctl32.dll (Input=C:\Windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.12c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9511b0000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_34ae2abd958aedeb\comctl32.dll' 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'rpcrt4.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'devobj.dll'. 9c4.690: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll) 9c4.690: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll 9c4.690: supR3HardenedDllNotificationCallback: load 00007ff951b60000 LB 0x00070000 C:\Windows\SYSTEM32\MMDevAPI.DLL [fFlags=0x0] 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'mmdevapi.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'user32.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'winmm.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'ksuser.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'avrt.dll'. 9c4.690: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\wdmaud.drv) 9c4.690: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wdmaud.drv 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008] 9c4.690: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\avrt.dll) 9c4.690: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\avrt.dll 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume4\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.690: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ksuser.dll) 9c4.690: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ksuser.dll 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedDllNotificationCallback: load 00007ff950260000 LB 0x00008000 C:\Windows\SYSTEM32\ksuser.dll [fFlags=0x0] 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedDllNotificationCallback: load 00007ff953360000 LB 0x0000c000 C:\Windows\SYSTEM32\AVRT.dll [fFlags=0x0] 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedDllNotificationCallback: load 00007ff94aa10000 LB 0x0003e000 C:\Windows\system32\wdmaud.drv [fFlags=0x0] 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff94aa10000 'C:\Windows\system32\wdmaud.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff94aa10000 'C:\Windows\system32\wdmaud.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff951b60000 'C:\Windows\system32\MMDEVAPI.DLL' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff94aa10000 'C:\Windows\system32\wdmaud.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff94aa10000 'C:\Windows\system32\wdmaud.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff94aa10000 'C:\Windows\system32\wdmaud.drv' 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'mmdevapi.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'. 9c4.690: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\AudioSes.dll) 9c4.690: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\AudioSes.dll 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'. 9c4.690: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\powrprof.dll) 9c4.690: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\powrprof.dll 9c4.690: supR3HardenedDllNotificationCallback: load 00007ff955150000 LB 0x00046000 C:\Windows\SYSTEM32\powrprof.dll [fFlags=0x0] 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\powrprof.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedDllNotificationCallback: load 00007ff9500d0000 LB 0x0007e000 C:\Windows\system32\AUDIOSES.DLL [fFlags=0x0] 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9500d0000 'C:\Windows\system32\AUDIOSES.DLL' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff94aa10000 'C:\Windows\system32\wdmaud.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff94aa10000 'C:\Windows\system32\wdmaud.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff94aa10000 'C:\Windows\system32\wdmaud.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff94aa10000 'C:\Windows\system32\wdmaud.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff94aa10000 'C:\Windows\system32\wdmaud.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff94aa10000 'C:\Windows\system32\wdmaud.drv' 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msacm32.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'mmdevapi.dll'. 9c4.690: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\msacm32.drv) 9c4.690: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.drv 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.690: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.dll) 9c4.690: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.dll 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedDllNotificationCallback: load 00007ff94c6c0000 LB 0x0001c000 C:\Windows\SYSTEM32\MSACM32.dll [fFlags=0x0] 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedDllNotificationCallback: load 00007ff9518c0000 LB 0x0000b000 C:\Windows\system32\msacm32.drv [fFlags=0x0] 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9518c0000 'C:\Windows\system32\msacm32.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9518c0000 'C:\Windows\system32\msacm32.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9518c0000 'C:\Windows\system32\msacm32.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9518c0000 'C:\Windows\system32\msacm32.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9518c0000 'C:\Windows\system32\msacm32.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9518c0000 'C:\Windows\system32\msacm32.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9518c0000 'C:\Windows\system32\msacm32.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9518c0000 'C:\Windows\system32\msacm32.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9518c0000 'C:\Windows\system32\msacm32.drv' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9518c0000 'C:\Windows\system32\msacm32.drv' 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 9c4.690: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'. 9c4.690: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\midimap.dll) 9c4.690: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\midimap.dll 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 9c4.690: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 9c4.690: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedDllNotificationCallback: load 00007ff950dd0000 LB 0x0000a000 C:\Windows\system32\midimap.dll [fFlags=0x0] 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff950dd0000 'C:\Windows\system32\midimap.dll' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff950dd0000 'C:\Windows\system32\midimap.dll' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff950dd0000 'C:\Windows\system32\midimap.dll' 9c4.690: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\midimap.dll [lacks WinVerifyTrust] 9c4.690: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] 9c4.690: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff950dd0000 'C:\Windows\system32\midimap.dll' 7a0.a28: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 13785 ms, the end); 16dc.17cc: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 14573 ms, the end);