1ee4.143c: Log file opened: 5.0.11r104393 g_hStartupLog=0000007c g_uNtVerCombined=0xa0295a00 1ee4.143c: \SystemRoot\System32\ntdll.dll: 1ee4.143c: CreationTime: 2015-10-30T05:44:57.246809900Z 1ee4.143c: LastWriteTime: 2015-10-30T05:44:57.262436800Z 1ee4.143c: ChangeTime: 2015-11-12T01:52:15.143116500Z 1ee4.143c: FileAttributes: 0x20 1ee4.143c: Size: 0x1782a0 1ee4.143c: NT Headers: 0xe8 1ee4.143c: Timestamp: 0x5632d13a 1ee4.143c: Machine: 0x14c - i386 1ee4.143c: Timestamp: 0x5632d13a 1ee4.143c: Image Version: 10.0 1ee4.143c: SizeOfImage: 0x17b000 (1552384) 1ee4.143c: Resource Dir: 0x10f000 LB 0x66210 1ee4.143c: ProductName: Microsoft® Windows® Operating System 1ee4.143c: ProductVersion: 10.0.10586.0 1ee4.143c: FileVersion: 10.0.10586.0 (th2_release.151029-1700) 1ee4.143c: FileDescription: NT Layer DLL 1ee4.143c: \SystemRoot\System32\kernel32.dll: 1ee4.143c: CreationTime: 2015-10-30T05:44:43.120413900Z 1ee4.143c: LastWriteTime: 2015-10-30T05:44:43.120413900Z 1ee4.143c: ChangeTime: 2015-11-12T01:52:14.455522900Z 1ee4.143c: FileAttributes: 0x20 1ee4.143c: Size: 0x996d8 1ee4.143c: NT Headers: 0xf8 1ee4.143c: Timestamp: 0x5632d53c 1ee4.143c: Machine: 0x14c - i386 1ee4.143c: Timestamp: 0x5632d53c 1ee4.143c: Image Version: 10.0 1ee4.143c: SizeOfImage: 0x96000 (614400) 1ee4.143c: Resource Dir: 0x90000 LB 0x528 1ee4.143c: ProductName: Microsoft® Windows® Operating System 1ee4.143c: ProductVersion: 10.0.10586.0 1ee4.143c: FileVersion: 10.0.10586.0 (th2_release.151029-1700) 1ee4.143c: FileDescription: Windows NT BASE API Client DLL 1ee4.143c: \SystemRoot\System32\KernelBase.dll: 1ee4.143c: CreationTime: 2015-10-30T05:44:57.278063400Z 1ee4.143c: LastWriteTime: 2015-10-30T05:44:57.293689900Z 1ee4.143c: ChangeTime: 2015-11-12T01:52:14.471123000Z 1ee4.143c: FileAttributes: 0x20 1ee4.143c: Size: 0x17d110 1ee4.143c: NT Headers: 0xf8 1ee4.143c: Timestamp: 0x5632d1bc 1ee4.143c: Machine: 0x14c - i386 1ee4.143c: Timestamp: 0x5632d1bc 1ee4.143c: Image Version: 10.0 1ee4.143c: SizeOfImage: 0x17e000 (1564672) 1ee4.143c: Resource Dir: 0x161000 LB 0x540 1ee4.143c: ProductName: Microsoft® Windows® Operating System 1ee4.143c: ProductVersion: 10.0.10586.0 1ee4.143c: FileVersion: 10.0.10586.0 (th2_release.151029-1700) 1ee4.143c: FileDescription: Windows NT BASE API Client DLL 1ee4.143c: \SystemRoot\System32\apisetschema.dll: 1ee4.143c: CreationTime: 2015-10-30T05:44:52.355702200Z 1ee4.143c: LastWriteTime: 2015-10-30T05:44:52.355702200Z 1ee4.143c: ChangeTime: 2015-11-12T01:52:08.531934900Z 1ee4.143c: FileAttributes: 0x20 1ee4.143c: Size: 0x16d60 1ee4.143c: NT Headers: 0xc8 1ee4.143c: Timestamp: 0x5632d8f5 1ee4.143c: Machine: 0x14c - i386 1ee4.143c: Timestamp: 0x5632d8f5 1ee4.143c: Image Version: 10.0 1ee4.143c: SizeOfImage: 0x18000 (98304) 1ee4.143c: Resource Dir: 0x17000 LB 0x400 1ee4.143c: ProductName: Microsoft® Windows® Operating System 1ee4.143c: ProductVersion: 10.0.10586.0 1ee4.143c: FileVersion: 10.0.10586.0 (th2_release.151029-1700) 1ee4.143c: FileDescription: ApiSet Schema DLL 1ee4.143c: NtOpenDirectoryObject failed on \Driver: 0xc0000022 1ee4.143c: supR3HardenedWinFindAdversaries: 0x40 1ee4.143c: \SystemRoot\System32\drivers\kl1.sys: 1ee4.143c: CreationTime: 2015-06-23T00:40:04.000000000Z 1ee4.143c: LastWriteTime: 2015-06-23T00:40:04.000000000Z 1ee4.143c: ChangeTime: 2015-11-11T23:14:50.816287400Z 1ee4.143c: FileAttributes: 0x20 1ee4.143c: Size: 0x258b8 1ee4.143c: NT Headers: 0xf0 1ee4.143c: Timestamp: 0x558314e0 1ee4.143c: Machine: 0x14c - i386 1ee4.143c: Timestamp: 0x558314e0 1ee4.143c: Image Version: 0.0 1ee4.143c: SizeOfImage: 0x526000 (5398528) 1ee4.143c: Resource Dir: 0x521000 LB 0x448 1ee4.143c: ProductName: Kaspersky Anti-Virus 1ee4.143c: ProductVersion: 6.0.1.990 1ee4.143c: FileVersion: 6.8.0.54 1ee4.143c: FileDescription: Kaspersky Unified Driver 1ee4.143c: \SystemRoot\System32\drivers\klflt.sys: 1ee4.143c: CreationTime: 2015-09-19T10:48:28.829148200Z 1ee4.143c: LastWriteTime: 2015-10-21T09:38:51.453698100Z 1ee4.143c: ChangeTime: 2015-11-11T23:14:50.831928400Z 1ee4.143c: FileAttributes: 0x20 1ee4.143c: Size: 0x23f88 1ee4.143c: NT Headers: 0xe0 1ee4.143c: Timestamp: 0x5603e2ea 1ee4.143c: Machine: 0x14c - i386 1ee4.143c: Timestamp: 0x5603e2ea 1ee4.143c: Image Version: 6.2 1ee4.143c: SizeOfImage: 0x2b000 (176128) 1ee4.143c: Resource Dir: 0x28000 LB 0x420 1ee4.143c: ProductName: System Interceptors PDK 1ee4.143c: ProductVersion: 10.0.0.1502 1ee4.143c: FileVersion: 10.0.0.1502 1ee4.143c: FileDescription: Filter Core [fre_win8_x86] 1ee4.143c: \SystemRoot\System32\drivers\klif.sys: 1ee4.143c: CreationTime: 2015-09-19T10:48:28.814070400Z 1ee4.143c: LastWriteTime: 2015-10-21T09:38:51.631571200Z 1ee4.143c: ChangeTime: 2015-11-11T23:14:50.831928400Z 1ee4.143c: FileAttributes: 0x20 1ee4.143c: Size: 0xb9f88 1ee4.143c: NT Headers: 0x108 1ee4.143c: Timestamp: 0x5603efda 1ee4.143c: Machine: 0x14c - i386 1ee4.143c: Timestamp: 0x5603efda 1ee4.143c: Image Version: 6.2 1ee4.143c: SizeOfImage: 0xbd000 (774144) 1ee4.143c: Resource Dir: 0xb3000 LB 0x15e8 1ee4.143c: ProductName: System Interceptors PDK 1ee4.143c: ProductVersion: 10.0.0.1526 1ee4.143c: FileVersion: 10.0.0.1526 1ee4.143c: FileDescription: Core System Interceptors [fre_win8_x86] 1ee4.143c: \SystemRoot\System32\drivers\klim6.sys: 1ee4.143c: CreationTime: 2015-06-11T23:35:38.000000000Z 1ee4.143c: LastWriteTime: 2015-06-11T23:35:38.000000000Z 1ee4.143c: ChangeTime: 2015-11-11T23:14:50.831928400Z 1ee4.143c: FileAttributes: 0x20 1ee4.143c: Size: 0x86b0 1ee4.143c: NT Headers: 0xe0 1ee4.143c: Timestamp: 0x5575572e 1ee4.143c: Machine: 0x14c - i386 1ee4.143c: Timestamp: 0x5575572e 1ee4.143c: Image Version: 6.2 1ee4.143c: SizeOfImage: 0x8000 (32768) 1ee4.143c: Resource Dir: 0x6000 LB 0x490 1ee4.143c: ProductName: Kaspersky Anti-Virus 1ee4.143c: ProductVersion: 6.0.1.990 1ee4.143c: FileVersion: 8.0.0.102 1ee4.143c: FileDescription: Kaspersky Lab Intermediate Network Driver [fre_win8_x86] 1ee4.143c: \SystemRoot\System32\drivers\klkbdflt.sys: 1ee4.143c: CreationTime: 2015-06-06T12:31:42.000000000Z 1ee4.143c: LastWriteTime: 2015-06-06T12:31:42.000000000Z 1ee4.143c: ChangeTime: 2015-11-11T23:14:50.831928400Z 1ee4.143c: FileAttributes: 0x20 1ee4.143c: Size: 0x90b8 1ee4.143c: NT Headers: 0xe8 1ee4.143c: Timestamp: 0x556da33c 1ee4.143c: Machine: 0x14c - i386 1ee4.143c: Timestamp: 0x556da33c 1ee4.143c: Image Version: 6.2 1ee4.143c: SizeOfImage: 0xa000 (40960) 1ee4.143c: Resource Dir: 0x8000 LB 0x438 1ee4.143c: ProductName: System Interceptors PDK 1ee4.143c: ProductVersion: 10.0.0.18 1ee4.143c: FileVersion: 10.0.0.18 1ee4.143c: FileDescription: Keyboard Device Filter [fre_win8_x86] 1ee4.143c: \SystemRoot\System32\drivers\klmouflt.sys: 1ee4.143c: CreationTime: 2015-06-07T05:50:04.000000000Z 1ee4.143c: LastWriteTime: 2015-06-07T05:50:04.000000000Z 1ee4.143c: ChangeTime: 2015-11-11T23:14:50.831928400Z 1ee4.143c: FileAttributes: 0x20 1ee4.143c: Size: 0x92b8 1ee4.143c: NT Headers: 0xd8 1ee4.143c: Timestamp: 0x556da335 1ee4.143c: Machine: 0x14c - i386 1ee4.143c: Timestamp: 0x556da335 1ee4.143c: Image Version: 6.2 1ee4.143c: SizeOfImage: 0xb000 (45056) 1ee4.143c: Resource Dir: 0x9000 LB 0x438 1ee4.143c: ProductName: System Interceptors PDK 1ee4.143c: ProductVersion: 10.0.0.11 1ee4.143c: FileVersion: 10.0.0.11 1ee4.143c: FileDescription: Mouse Device Filter [fre_win8_x86] 1ee4.143c: \SystemRoot\System32\drivers\kneps.sys: 1ee4.143c: CreationTime: 2015-06-23T22:30:50.000000000Z 1ee4.143c: LastWriteTime: 2015-06-23T22:30:50.000000000Z 1ee4.143c: ChangeTime: 2015-11-11T23:14:50.831928400Z 1ee4.143c: FileAttributes: 0x20 1ee4.143c: Size: 0x264b8 1ee4.143c: NT Headers: 0xf8 1ee4.143c: Timestamp: 0x5584097b 1ee4.143c: Machine: 0x14c - i386 1ee4.143c: Timestamp: 0x5584097b 1ee4.143c: Image Version: 5.2 1ee4.143c: SizeOfImage: 0x26000 (155648) 1ee4.143c: Resource Dir: 0x23000 LB 0x428 1ee4.143c: ProductName: System Interceptors PDK 1ee4.143c: ProductVersion: 10.0.0.25 1ee4.143c: FileVersion: 10.0.0.25 1ee4.143c: FileDescription: Network Processor [fre_wnet_x86] 1ee4.143c: \SystemRoot\System32\klfphc.dll: 1ee4.143c: CreationTime: 2013-05-06T12:13:26.000000000Z 1ee4.143c: LastWriteTime: 2013-05-06T12:13:26.000000000Z 1ee4.143c: ChangeTime: 2015-11-11T23:14:50.550660500Z 1ee4.143c: FileAttributes: 0x20 1ee4.143c: Size: 0x17a60 1ee4.143c: NT Headers: 0xe8 1ee4.143c: Timestamp: 0x51873be9 1ee4.143c: Machine: 0x14c - i386 1ee4.143c: Timestamp: 0x51873be9 1ee4.143c: Image Version: 0.0 1ee4.143c: SizeOfImage: 0x19000 (102400) 1ee4.143c: Resource Dir: 0x13000 LB 0x3af8 1ee4.143c: ProductName: Kaspersky™ Anti-Virus ® 1ee4.143c: ProductVersion: 1.0.0.12 1ee4.143c: FileVersion: 1.0.0.12 1ee4.143c: FileDescription: Filtering Platform Helper Class 1ee4.143c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox' 1ee4.143c: Calling main() 1ee4.143c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 1ee4.143c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox' 1ee4.143c: SUPR3HardenedMain: Respawn #1 1ee4.143c: System32: \Device\HarddiskVolume2\Windows\System32 1ee4.143c: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS 1ee4.143c: KnownDllPath: C:\WINDOWS\system32 1ee4.143c: '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1ee4.143c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe) 1ee4.143c: supR3HardNtEnableThreadCreation: 1ee4.143c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=7767fe20 pvNtTerminateThread=7769e130 1ee4.143c: supR3HardenedWinDoReSpawn(1): New child 3f10.1bec [kernel32]. 1ee4.143c: supR3HardNtChildGatherData: PebBaseAddress=0025d000 cbPeb=0x250 1ee4.143c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=77610000 uNtDllChildAddr=77610000 1ee4.143c: supR3HardenedWinSetupChildInit: uLdrInitThunk=7767fe20 1ee4.143c: supR3HardenedWinSetupChildInit: Start child. 1ee4.143c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. 1ee4.143c: supR3HardNtChildPurify: Startup delay kludge #1/0: 517 ms, 0 sleeps 1ee4.143c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 1ee4.143c: *00000000-fffeffff 0x0001/0x0000 0x0000000 1ee4.143c: *00010000-fffeffff 0x0004/0x0004 0x0020000 1ee4.143c: *00030000-0001afff 0x0002/0x0002 0x0040000 1ee4.143c: 00045000-00039fff 0x0001/0x0000 0x0000000 1ee4.143c: *00050000-fff52fff 0x0000/0x0004 0x0020000 1ee4.143c: 0014d000-0014afff 0x0104/0x0004 0x0020000 1ee4.143c: 0014f000-0014dfff 0x0004/0x0004 0x0020000 1ee4.143c: *00150000-0014cfff 0x0002/0x0002 0x0040000 1ee4.143c: 00153000-00145fff 0x0001/0x0000 0x0000000 1ee4.143c: *00160000-0015dfff 0x0004/0x0004 0x0020000 1ee4.143c: 00162000-000c3fff 0x0001/0x0000 0x0000000 1ee4.143c: *00200000-001a2fff 0x0000/0x0004 0x0020000 1ee4.143c: 0025d000-0025afff 0x0004/0x0004 0x0020000 1ee4.143c: 0025f000-000bdfff 0x0000/0x0004 0x0020000 1ee4.143c: 00400000-ffa1ffff 0x0001/0x0000 0x0000000 1ee4.143c: *00de0000-00de0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00de1000-00e57fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00e58000-00e58fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00e59000-00e92fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00e93000-00e93fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00e94000-00e94fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00e95000-00e95fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00e96000-00e96fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00e97000-00e9bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00e9c000-00e9efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00e9f000-00ee2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00ee3000-ffdf5fff 0x0001/0x0000 0x0000000 1ee4.143c: *01fd0000-01fcefff 0x0004/0x0004 0x0020000 1ee4.143c: 01fd1000-01fc1fff 0x0001/0x0000 0x0000000 1ee4.143c: *01fe0000-01fdefff 0x0010/0x0010 0x0020000 !! 1ee4.143c: supHardNtVpFreeOrReplacePrivateExecMemory: Freeing exec mem at 01fe0000 (LB 0x1000, 01fe0000 LB 0x1000) 1ee4.143c: supHardNtVpFreeOrReplacePrivateExecMemory: Free attempt #1 succeeded: 0x0 [01fe0000/01fe0000 LB 0/0x1000] 1ee4.143c: supHardNtVpFreeOrReplacePrivateExecMemory: QVM after free 0: [00000000]/01fe0000 LB 0x10000 s=0x10000 ap=0x0 rp=0x000001 1ee4.143c: 01fe1000-01fd1fff 0x0001/0x0000 0x0000000 1ee4.143c: *01ff0000-01feefff 0x0004/0x0004 0x0020000 1ee4.143c: 01ff1000-8c9d1fff 0x0001/0x0000 0x0000000 1ee4.143c: *77610000-77610fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1ee4.143c: 77611000-77717fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1ee4.143c: 77718000-7771bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1ee4.143c: 7771c000-7771cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1ee4.143c: 7771d000-7771efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1ee4.143c: 7771f000-7778afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1ee4.143c: 7778b000-6f1c5fff 0x0001/0x0000 0x0000000 1ee4.143c: *7fd50000-7fd2cfff 0x0002/0x0002 0x0040000 1ee4.143c: 7fd73000-7fb05fff 0x0001/0x0000 0x0000000 1ee4.143c: *7ffe0000-7ffdefff 0x0002/0x0002 0x0020000 1ee4.143c: 7ffe1000-7ffd1fff 0x0001/0x0002 0x0020000 1ee4.143c: VirtualBox.exe: timestamp 0x56583dfa (rc=VINF_SUCCESS) 1ee4.143c: '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1ee4.143c: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports 1ee4.143c: supR3HardNtChildPurify: cFixes=1 g_fSupAdversaries=0x40 1ee4.143c: supR3HardNtChildPurify: Startup delay kludge #1/1: 515 ms, 0 sleeps 1ee4.143c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 1ee4.143c: *00000000-fffeffff 0x0001/0x0000 0x0000000 1ee4.143c: *00010000-fffeffff 0x0004/0x0004 0x0020000 1ee4.143c: *00030000-0001afff 0x0002/0x0002 0x0040000 1ee4.143c: 00045000-00039fff 0x0001/0x0000 0x0000000 1ee4.143c: *00050000-fff52fff 0x0000/0x0004 0x0020000 1ee4.143c: 0014d000-0014afff 0x0104/0x0004 0x0020000 1ee4.143c: 0014f000-0014dfff 0x0004/0x0004 0x0020000 1ee4.143c: *00150000-0014cfff 0x0002/0x0002 0x0040000 1ee4.143c: 00153000-00145fff 0x0001/0x0000 0x0000000 1ee4.143c: *00160000-0015dfff 0x0004/0x0004 0x0020000 1ee4.143c: 00162000-000c3fff 0x0001/0x0000 0x0000000 1ee4.143c: *00200000-001a2fff 0x0000/0x0004 0x0020000 1ee4.143c: 0025d000-0025afff 0x0004/0x0004 0x0020000 1ee4.143c: 0025f000-000bdfff 0x0000/0x0004 0x0020000 1ee4.143c: 00400000-ffa1ffff 0x0001/0x0000 0x0000000 1ee4.143c: *00de0000-00de0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00de1000-00e57fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00e58000-00e58fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00e59000-00e92fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00e93000-00e9efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00e9f000-00ee2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 1ee4.143c: 00ee3000-ffdf5fff 0x0001/0x0000 0x0000000 1ee4.143c: *01fd0000-01fcefff 0x0004/0x0004 0x0020000 1ee4.143c: 01fd1000-01fb1fff 0x0001/0x0000 0x0000000 1ee4.143c: *01ff0000-01feefff 0x0004/0x0004 0x0020000 1ee4.143c: 01ff1000-8c9d1fff 0x0001/0x0000 0x0000000 1ee4.143c: *77610000-77610fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1ee4.143c: 77611000-77717fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1ee4.143c: 77718000-77718fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1ee4.143c: 77719000-7771cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1ee4.143c: 7771d000-7771efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1ee4.143c: 7771f000-7778afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 1ee4.143c: 7778b000-6f1c5fff 0x0001/0x0000 0x0000000 1ee4.143c: *7fd50000-7fd2cfff 0x0002/0x0002 0x0040000 1ee4.143c: 7fd73000-7fb05fff 0x0001/0x0000 0x0000000 1ee4.143c: *7ffe0000-7ffdefff 0x0002/0x0002 0x0020000 1ee4.143c: 7ffe1000-7ffd1fff 0x0001/0x0002 0x0020000 1ee4.143c: supR3HardNtChildPurify: Done after 1092 ms and 1 fixes (loop #1). 3f10.1bec: Log file opened: 5.0.11r104393 g_hStartupLog=00000004 g_uNtVerCombined=0xa0295a00 3f10.1bec: supR3HardenedVmProcessInit: uNtDllAddr=77610000 1ee4.143c: supR3HardNtEnableThreadCreation: 3f10.1bec: ntdll.dll: timestamp 0x5632d13a (rc=VINF_SUCCESS) 3f10.1bec: New simple heap: #1 00500000 LB 0x400000 (for 1552384 allocation) 3f10.1bec: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox' 3f10.1bec: System32: \Device\HarddiskVolume2\Windows\System32 3f10.1bec: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS 3f10.1bec: KnownDllPath: C:\WINDOWS\system32 3f10.1bec: supR3HardenedVmProcessInit: Opening vboxdrv stub... 3f10.1bec: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk... 3f10.1bec: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk... 3f10.1bec: Registered Dll notification callback with NTDLL. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=00000801: [calling] 3f10.1bec: supR3HardenedDllNotificationCallback: load 74720000 LB 0x0017e000 C:\WINDOWS\system32\KERNELBASE.dll [fFlags=0x0] 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll 3f10.1bec: supR3HardenedDllNotificationCallback: load 75e50000 LB 0x00096000 C:\WINDOWS\system32\KERNEL32.DLL [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75e50000 'C:\WINDOWS\system32\KERNEL32.DLL' 3f10.1bec: supR3HardenedDllNotificationCallback: load 00de0000 LB 0x00103000 K:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0] 3f10.1bec: '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe 3f10.1bec: supR3HardNtDisableThreadCreation: pvLdrInitThunk=7767fe20 pvNtTerminateThread=7769e130 1ee4.143c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 118 ms. 3f10.1bec: \SystemRoot\System32\ntdll.dll: 3f10.1bec: CreationTime: 2015-10-30T05:44:57.246809900Z 3f10.1bec: LastWriteTime: 2015-10-30T05:44:57.262436800Z 3f10.1bec: ChangeTime: 2015-11-12T01:52:15.143116500Z 3f10.1bec: FileAttributes: 0x20 3f10.1bec: Size: 0x1782a0 3f10.1bec: NT Headers: 0xe8 3f10.1bec: Timestamp: 0x5632d13a 3f10.1bec: Machine: 0x14c - i386 3f10.1bec: Timestamp: 0x5632d13a 3f10.1bec: Image Version: 10.0 3f10.1bec: SizeOfImage: 0x17b000 (1552384) 3f10.1bec: Resource Dir: 0x10f000 LB 0x66210 3f10.1bec: ProductName: Microsoft® Windows® Operating System 3f10.1bec: ProductVersion: 10.0.10586.0 3f10.1bec: FileVersion: 10.0.10586.0 (th2_release.151029-1700) 3f10.1bec: FileDescription: NT Layer DLL 3f10.1bec: \SystemRoot\System32\kernel32.dll: 3f10.1bec: CreationTime: 2015-10-30T05:44:43.120413900Z 3f10.1bec: LastWriteTime: 2015-10-30T05:44:43.120413900Z 3f10.1bec: ChangeTime: 2015-11-12T01:52:14.455522900Z 3f10.1bec: FileAttributes: 0x20 3f10.1bec: Size: 0x996d8 3f10.1bec: NT Headers: 0xf8 3f10.1bec: Timestamp: 0x5632d53c 3f10.1bec: Machine: 0x14c - i386 3f10.1bec: Timestamp: 0x5632d53c 3f10.1bec: Image Version: 10.0 3f10.1bec: SizeOfImage: 0x96000 (614400) 3f10.1bec: Resource Dir: 0x90000 LB 0x528 3f10.1bec: ProductName: Microsoft® Windows® Operating System 3f10.1bec: ProductVersion: 10.0.10586.0 3f10.1bec: FileVersion: 10.0.10586.0 (th2_release.151029-1700) 3f10.1bec: FileDescription: Windows NT BASE API Client DLL 3f10.1bec: \SystemRoot\System32\KernelBase.dll: 3f10.1bec: CreationTime: 2015-10-30T05:44:57.278063400Z 3f10.1bec: LastWriteTime: 2015-10-30T05:44:57.293689900Z 3f10.1bec: ChangeTime: 2015-11-12T01:52:14.471123000Z 3f10.1bec: FileAttributes: 0x20 3f10.1bec: Size: 0x17d110 3f10.1bec: NT Headers: 0xf8 3f10.1bec: Timestamp: 0x5632d1bc 3f10.1bec: Machine: 0x14c - i386 3f10.1bec: Timestamp: 0x5632d1bc 3f10.1bec: Image Version: 10.0 3f10.1bec: SizeOfImage: 0x17e000 (1564672) 3f10.1bec: Resource Dir: 0x161000 LB 0x540 3f10.1bec: ProductName: Microsoft® Windows® Operating System 3f10.1bec: ProductVersion: 10.0.10586.0 3f10.1bec: FileVersion: 10.0.10586.0 (th2_release.151029-1700) 3f10.1bec: FileDescription: Windows NT BASE API Client DLL 3f10.1bec: \SystemRoot\System32\apisetschema.dll: 3f10.1bec: CreationTime: 2015-10-30T05:44:52.355702200Z 3f10.1bec: LastWriteTime: 2015-10-30T05:44:52.355702200Z 3f10.1bec: ChangeTime: 2015-11-12T01:52:08.531934900Z 3f10.1bec: FileAttributes: 0x20 3f10.1bec: Size: 0x16d60 3f10.1bec: NT Headers: 0xc8 3f10.1bec: Timestamp: 0x5632d8f5 3f10.1bec: Machine: 0x14c - i386 3f10.1bec: Timestamp: 0x5632d8f5 3f10.1bec: Image Version: 10.0 3f10.1bec: SizeOfImage: 0x18000 (98304) 3f10.1bec: Resource Dir: 0x17000 LB 0x400 3f10.1bec: ProductName: Microsoft® Windows® Operating System 3f10.1bec: ProductVersion: 10.0.10586.0 3f10.1bec: FileVersion: 10.0.10586.0 (th2_release.151029-1700) 3f10.1bec: FileDescription: ApiSet Schema DLL 3f10.1bec: NtOpenDirectoryObject failed on \Driver: 0xc0000022 3f10.1bec: supR3HardenedWinFindAdversaries: 0x40 3f10.1bec: \SystemRoot\System32\drivers\kl1.sys: 3f10.1bec: CreationTime: 2015-06-23T00:40:04.000000000Z 3f10.1bec: LastWriteTime: 2015-06-23T00:40:04.000000000Z 3f10.1bec: ChangeTime: 2015-11-11T23:14:50.816287400Z 3f10.1bec: FileAttributes: 0x20 3f10.1bec: Size: 0x258b8 3f10.1bec: NT Headers: 0xf0 3f10.1bec: Timestamp: 0x558314e0 3f10.1bec: Machine: 0x14c - i386 3f10.1bec: Timestamp: 0x558314e0 3f10.1bec: Image Version: 0.0 3f10.1bec: SizeOfImage: 0x526000 (5398528) 3f10.1bec: Resource Dir: 0x521000 LB 0x448 3f10.1bec: ProductName: Kaspersky Anti-Virus 3f10.1bec: ProductVersion: 6.0.1.990 3f10.1bec: FileVersion: 6.8.0.54 3f10.1bec: FileDescription: Kaspersky Unified Driver 3f10.1bec: \SystemRoot\System32\drivers\klflt.sys: 3f10.1bec: CreationTime: 2015-09-19T10:48:28.829148200Z 3f10.1bec: LastWriteTime: 2015-10-21T09:38:51.453698100Z 3f10.1bec: ChangeTime: 2015-11-11T23:14:50.831928400Z 3f10.1bec: FileAttributes: 0x20 3f10.1bec: Size: 0x23f88 3f10.1bec: NT Headers: 0xe0 3f10.1bec: Timestamp: 0x5603e2ea 3f10.1bec: Machine: 0x14c - i386 3f10.1bec: Timestamp: 0x5603e2ea 3f10.1bec: Image Version: 6.2 3f10.1bec: SizeOfImage: 0x2b000 (176128) 3f10.1bec: Resource Dir: 0x28000 LB 0x420 3f10.1bec: ProductName: System Interceptors PDK 3f10.1bec: ProductVersion: 10.0.0.1502 3f10.1bec: FileVersion: 10.0.0.1502 3f10.1bec: FileDescription: Filter Core [fre_win8_x86] 3f10.1bec: \SystemRoot\System32\drivers\klif.sys: 3f10.1bec: CreationTime: 2015-09-19T10:48:28.814070400Z 3f10.1bec: LastWriteTime: 2015-10-21T09:38:51.631571200Z 3f10.1bec: ChangeTime: 2015-11-11T23:14:50.831928400Z 3f10.1bec: FileAttributes: 0x20 3f10.1bec: Size: 0xb9f88 3f10.1bec: NT Headers: 0x108 3f10.1bec: Timestamp: 0x5603efda 3f10.1bec: Machine: 0x14c - i386 3f10.1bec: Timestamp: 0x5603efda 3f10.1bec: Image Version: 6.2 3f10.1bec: SizeOfImage: 0xbd000 (774144) 3f10.1bec: Resource Dir: 0xb3000 LB 0x15e8 3f10.1bec: ProductName: System Interceptors PDK 3f10.1bec: ProductVersion: 10.0.0.1526 3f10.1bec: FileVersion: 10.0.0.1526 3f10.1bec: FileDescription: Core System Interceptors [fre_win8_x86] 3f10.1bec: \SystemRoot\System32\drivers\klim6.sys: 3f10.1bec: CreationTime: 2015-06-11T23:35:38.000000000Z 3f10.1bec: LastWriteTime: 2015-06-11T23:35:38.000000000Z 3f10.1bec: ChangeTime: 2015-11-11T23:14:50.831928400Z 3f10.1bec: FileAttributes: 0x20 3f10.1bec: Size: 0x86b0 3f10.1bec: NT Headers: 0xe0 3f10.1bec: Timestamp: 0x5575572e 3f10.1bec: Machine: 0x14c - i386 3f10.1bec: Timestamp: 0x5575572e 3f10.1bec: Image Version: 6.2 3f10.1bec: SizeOfImage: 0x8000 (32768) 3f10.1bec: Resource Dir: 0x6000 LB 0x490 3f10.1bec: ProductName: Kaspersky Anti-Virus 3f10.1bec: ProductVersion: 6.0.1.990 3f10.1bec: FileVersion: 8.0.0.102 3f10.1bec: FileDescription: Kaspersky Lab Intermediate Network Driver [fre_win8_x86] 3f10.1bec: \SystemRoot\System32\drivers\klkbdflt.sys: 3f10.1bec: CreationTime: 2015-06-06T12:31:42.000000000Z 3f10.1bec: LastWriteTime: 2015-06-06T12:31:42.000000000Z 3f10.1bec: ChangeTime: 2015-11-11T23:14:50.831928400Z 3f10.1bec: FileAttributes: 0x20 3f10.1bec: Size: 0x90b8 3f10.1bec: NT Headers: 0xe8 3f10.1bec: Timestamp: 0x556da33c 3f10.1bec: Machine: 0x14c - i386 3f10.1bec: Timestamp: 0x556da33c 3f10.1bec: Image Version: 6.2 3f10.1bec: SizeOfImage: 0xa000 (40960) 3f10.1bec: Resource Dir: 0x8000 LB 0x438 3f10.1bec: ProductName: System Interceptors PDK 3f10.1bec: ProductVersion: 10.0.0.18 3f10.1bec: FileVersion: 10.0.0.18 3f10.1bec: FileDescription: Keyboard Device Filter [fre_win8_x86] 3f10.1bec: \SystemRoot\System32\drivers\klmouflt.sys: 3f10.1bec: CreationTime: 2015-06-07T05:50:04.000000000Z 3f10.1bec: LastWriteTime: 2015-06-07T05:50:04.000000000Z 3f10.1bec: ChangeTime: 2015-11-11T23:14:50.831928400Z 3f10.1bec: FileAttributes: 0x20 3f10.1bec: Size: 0x92b8 3f10.1bec: NT Headers: 0xd8 3f10.1bec: Timestamp: 0x556da335 3f10.1bec: Machine: 0x14c - i386 3f10.1bec: Timestamp: 0x556da335 3f10.1bec: Image Version: 6.2 3f10.1bec: SizeOfImage: 0xb000 (45056) 3f10.1bec: Resource Dir: 0x9000 LB 0x438 3f10.1bec: ProductName: System Interceptors PDK 3f10.1bec: ProductVersion: 10.0.0.11 3f10.1bec: FileVersion: 10.0.0.11 3f10.1bec: FileDescription: Mouse Device Filter [fre_win8_x86] 3f10.1bec: \SystemRoot\System32\drivers\kneps.sys: 3f10.1bec: CreationTime: 2015-06-23T22:30:50.000000000Z 3f10.1bec: LastWriteTime: 2015-06-23T22:30:50.000000000Z 3f10.1bec: ChangeTime: 2015-11-11T23:14:50.831928400Z 3f10.1bec: FileAttributes: 0x20 3f10.1bec: Size: 0x264b8 3f10.1bec: NT Headers: 0xf8 3f10.1bec: Timestamp: 0x5584097b 3f10.1bec: Machine: 0x14c - i386 3f10.1bec: Timestamp: 0x5584097b 3f10.1bec: Image Version: 5.2 3f10.1bec: SizeOfImage: 0x26000 (155648) 3f10.1bec: Resource Dir: 0x23000 LB 0x428 3f10.1bec: ProductName: System Interceptors PDK 3f10.1bec: ProductVersion: 10.0.0.25 3f10.1bec: FileVersion: 10.0.0.25 3f10.1bec: FileDescription: Network Processor [fre_wnet_x86] 3f10.1bec: \SystemRoot\System32\klfphc.dll: 3f10.1bec: CreationTime: 2013-05-06T12:13:26.000000000Z 3f10.1bec: LastWriteTime: 2013-05-06T12:13:26.000000000Z 3f10.1bec: ChangeTime: 2015-11-11T23:14:50.550660500Z 3f10.1bec: FileAttributes: 0x20 3f10.1bec: Size: 0x17a60 3f10.1bec: NT Headers: 0xe8 3f10.1bec: Timestamp: 0x51873be9 3f10.1bec: Machine: 0x14c - i386 3f10.1bec: Timestamp: 0x51873be9 3f10.1bec: Image Version: 0.0 3f10.1bec: SizeOfImage: 0x19000 (102400) 3f10.1bec: Resource Dir: 0x13000 LB 0x3af8 3f10.1bec: ProductName: Kaspersky™ Anti-Virus ® 3f10.1bec: ProductVersion: 1.0.0.12 3f10.1bec: FileVersion: 1.0.0.12 3f10.1bec: FileDescription: Filtering Platform Helper Class 3f10.1bec: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox' 3f10.1bec: Calling main() 3f10.1bec: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 3f10.1bec: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox' 3f10.1bec: '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.exe) 3f10.1bec: SUPR3HardenedMain: Respawn #2 3f10.1bec: supR3HardNtEnableThreadCreation: 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=00000000: [calling] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 72dc0000 LB 0x00092000 C:\WINDOWS\system32\apphelp.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=72dc0000 'C:\WINDOWS\system32\apphelp.dll' 3f10.1bec: Error -104 in supR3HardenedWinReSpawn! (enmWhat=5) 3f10.1bec: Error relaunching VirtualBox VM process: 5 Command line: '60eaff78-4bdd-042d-2e72-669728efd737-suplib-3rdchild --comment "Win 8.1" --startvm 2bf7f831-dc84-4127-9c63-e08235d01021 --no-startvm-errormsgbox "--sup-hardening-log=C:\Users\D\VirtualBox VMs\Win 8.1\Logs\VBoxHardening.log"' 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtcorevbox4.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtguivbox4.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'user32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'user32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'shlwapi.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'gdi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'comctl32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'shell32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'firewallapi.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'netapi32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'gdi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'user32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'combase.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ole32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #64 'user32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #66 'gdi32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\user32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcp100.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcp100.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxVMM.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxVMM.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'user32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'gdi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'dciman32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\glu32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxREM.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxREM.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'bcrypt.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\winspool.drv) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\imm32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume2\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sechost.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'bcryptprimitives.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\combase.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\combase.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netapi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'netapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\netapi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\netapi32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\netapi32.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'firewallapi.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'firewallapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\firewallapi.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\FirewallAPI.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\FirewallAPI.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll' [rcNtRedir=0x0] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'gdi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'user32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmmbase.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmmbase.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxVMM.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=K:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000a01: [calling] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxVMM.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\comctl32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\comctl32.dll 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxREM.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\davhlpr.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\davhlpr.dll 3f10.1bec: supR3HardenedDllNotificationCallback: load 75690000 LB 0x000be000 C:\WINDOWS\system32\msvcrt.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 74fb0000 LB 0x000c2000 C:\WINDOWS\system32\RPCRT4.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 75110000 LB 0x00044000 C:\WINDOWS\system32\sechost.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 75090000 LB 0x0007b000 C:\WINDOWS\system32\ADVAPI32.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 75d00000 LB 0x00138000 C:\WINDOWS\system32\USER32.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 75790000 LB 0x00155000 C:\WINDOWS\system32\GDI32.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 697a0000 LB 0x00007000 C:\WINDOWS\SYSTEM32\DCIMAN32.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 5c2c0000 LB 0x000ee000 C:\WINDOWS\SYSTEM32\DDRAW.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 69120000 LB 0x00025000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 5cc20000 LB 0x000e0000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 77ba0000 LB 0x000bf000 K:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 583b0000 LB 0x00069000 K:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 75470000 LB 0x0005f000 C:\WINDOWS\system32\WS2_32.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 00ef0000 LB 0x00440000 K:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 6b490000 LB 0x00007000 K:\Program Files\Oracle\VirtualBox\VBoxREM.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxREM.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 01330000 LB 0x00229000 K:\Program Files\Oracle\VirtualBox\VBoxVMM.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxVMM.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 744e0000 LB 0x00058000 C:\WINDOWS\system32\bcryptPrimitives.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 752b0000 LB 0x001bd000 C:\WINDOWS\system32\combase.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 755a0000 LB 0x000eb000 C:\WINDOWS\system32\ole32.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 66a00000 LB 0x00274000 K:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 75ef0000 LB 0x0008d000 C:\WINDOWS\system32\shcore.dll [fFlags=0x0] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'combase.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\SHCore.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\SHCore.dll 3f10.1bec: supR3HardenedDllNotificationCallback: load 75550000 LB 0x00045000 C:\WINDOWS\system32\shlwapi.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 718a0000 LB 0x00092000 C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\COMCTL32.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\comctl32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 744a0000 LB 0x00037000 C:\WINDOWS\system32\cfgmgr32.dll [fFlags=0x0] 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll 3f10.1bec: supR3HardenedDllNotificationCallback: load 743f0000 LB 0x0000c000 C:\WINDOWS\system32\kernel.appcore.dll [fFlags=0x0] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll 3f10.1bec: supR3HardenedDllNotificationCallback: load 743a0000 LB 0x00044000 C:\WINDOWS\system32\powrprof.dll [fFlags=0x0] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\powrprof.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\powrprof.dll 3f10.1bec: supR3HardenedDllNotificationCallback: load 74390000 LB 0x0000f000 C:\WINDOWS\system32\profapi.dll [fFlags=0x0] 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\profapi.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll 3f10.1bec: supR3HardenedDllNotificationCallback: load 748a0000 LB 0x004f9000 C:\WINDOWS\system32\windows.storage.dll [fFlags=0x0] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #65 'profapi.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\windows.storage.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\windows.storage.dll 3f10.1bec: supR3HardenedDllNotificationCallback: load 75f80000 LB 0x013ff000 C:\WINDOWS\system32\SHELL32.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 746c0000 LB 0x0005e000 C:\WINDOWS\system32\FirewallAPI.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\FirewallAPI.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 74df0000 LB 0x00013000 C:\WINDOWS\system32\NETAPI32.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\netapi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 70aa0000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\DAVHLPR.DLL [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\davhlpr.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 74e10000 LB 0x000f2000 C:\WINDOWS\system32\COMDLG32.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 74f10000 LB 0x00092000 C:\WINDOWS\system32\OLEAUT32.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 75750000 LB 0x0002f000 C:\WINDOWS\system32\IMM32.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 72a80000 LB 0x00023000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmmbase.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 72ad0000 LB 0x00024000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 742e0000 LB 0x0001d000 C:\WINDOWS\SYSTEM32\bcrypt.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 70b70000 LB 0x00067000 C:\WINDOWS\SYSTEM32\WINSPOOL.DRV [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 64280000 LB 0x00810000 K:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 62ce0000 LB 0x000c1000 K:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 0f6e0000 LB 0x009ac000 K:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=K:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=K:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=K:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=K:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=K:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=K:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume9\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00ef0000 'K:\Program Files\Oracle\VirtualBox\VBoxRT.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75750000 'C:\WINDOWS\system32\imm32.dll' 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\fwbase.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\fwbase.dll 3f10.1bec: supR3HardenedDllNotificationCallback: load 73440000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\fwbase.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\fwbase.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0f6e0000 'K:\Program Files\Oracle\VirtualBox\VirtualBox.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=72ad0000 'C:\WINDOWS\system32\winmm.dll' 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'gdi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'user32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000009: [calling] 3f10.1bec: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedDllNotificationCallback: load 73170000 LB 0x00079000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73170000 'C:\WINDOWS\system32\uxtheme.dll' 3f10.1bec: supR3HardenedDllNotificationCallback: load 77380000 LB 0x0011f000 C:\WINDOWS\system32\MSCTF.dll [fFlags=0x0] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'imm32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msctf.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'user32.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'gdi32.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll 3f10.1bec: supR3HardenedDllNotificationCallback: load 72400000 LB 0x0001d000 C:\WINDOWS\system32\dwmapi.dll [fFlags=0x0] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.1bec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75f80000 'C:\WINDOWS\system32\shell32.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75e50000 'C:\WINDOWS\system32\kernel32.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73170000 'C:\WINDOWS\system32\uxtheme.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73170000 'C:\WINDOWS\system32\uxtheme.dll' 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\WINDOWS\system32\wintab32.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75d00000 'C:\WINDOWS\system32\user32.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73170000 'C:\WINDOWS\system32\uxtheme.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75d00000 'C:\WINDOWS\system32\user32.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75790000 'C:\WINDOWS\system32\gdi32.dll' 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\WINDOWS\system32\wintab32.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75d00000 'C:\WINDOWS\system32\user32.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75e50000 'C:\WINDOWS\system32\kernel32.dll' 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000009: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=77380000 'C:\WINDOWS\system32\MSCTF.dll' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=74fb0000 'C:\WINDOWS\system32\rpcrt4.dll' 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'devobj.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'propsys.dll'. 3f10.212c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll) 3f10.212c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'cfgmgr32.dll'. 3f10.212c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\devobj.dll) 3f10.212c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'. 3f10.212c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\propsys.dll) 3f10.212c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\propsys.dll 3f10.212c: supR3HardenedDllNotificationCallback: load 73140000 LB 0x00022000 C:\WINDOWS\SYSTEM32\DEVOBJ.dll [fFlags=0x0] 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedDllNotificationCallback: load 71eb0000 LB 0x0014b000 C:\WINDOWS\SYSTEM32\PROPSYS.dll [fFlags=0x0] 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\propsys.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedDllNotificationCallback: load 6a410000 LB 0x00055000 C:\WINDOWS\SYSTEM32\MMDevAPI.DLL [fFlags=0x0] 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'ksuser.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'user32.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'winmm.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'avrt.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'mmdevapi.dll'. 3f10.212c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wdmaud.drv) 3f10.212c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008] 3f10.212c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\avrt.dll) 3f10.212c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\avrt.dll 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume2\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.212c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ksuser.dll) 3f10.212c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ksuser.dll 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume2\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\propsys.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\avrt.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedDllNotificationCallback: load 6c8e0000 LB 0x00007000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0] 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedDllNotificationCallback: load 70c50000 LB 0x00009000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0] 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\avrt.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedDllNotificationCallback: load 6c030000 LB 0x00038000 C:\WINDOWS\system32\wdmaud.drv [fFlags=0x0] 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c030000 'C:\WINDOWS\system32\wdmaud.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c030000 'C:\WINDOWS\system32\wdmaud.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6a410000 'C:\WINDOWS\system32\MMDEVAPI.DLL' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c030000 'C:\WINDOWS\system32\wdmaud.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c030000 'C:\WINDOWS\system32\wdmaud.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c030000 'C:\WINDOWS\system32\wdmaud.drv' 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'mmdevapi.dll'. 3f10.212c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\AudioSes.dll) 3f10.212c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.212c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000009: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=755a0000 'C:\WINDOWS\system32\ole32.dll' 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'combase.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'. 3f10.212c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\WinTypes.dll) 3f10.212c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\WinTypes.dll 3f10.212c: supR3HardenedDllNotificationCallback: load 6f570000 LB 0x000c8000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0] 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\WinTypes.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedDllNotificationCallback: load 0f580000 LB 0x00068000 C:\WINDOWS\system32\AUDIOSES.DLL [fFlags=0x0] 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0f580000 'C:\WINDOWS\system32\AUDIOSES.DLL' 3f10.1bec: supR3HardenedDllNotificationCallback: load 751c0000 LB 0x00084000 C:\WINDOWS\system32\clbcatq.dll [fFlags=0x0] 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c030000 'C:\WINDOWS\system32\wdmaud.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c030000 'C:\WINDOWS\system32\wdmaud.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c030000 'C:\WINDOWS\system32\wdmaud.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c030000 'C:\WINDOWS\system32\wdmaud.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c030000 'C:\WINDOWS\system32\wdmaud.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c030000 'C:\WINDOWS\system32\wdmaud.drv' 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msacm32.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'user32.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'. 3f10.212c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msacm32.drv) 3f10.212c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.drv 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008] 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.1bec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'. 3f10.1bec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll) 3f10.1bec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.212c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msacm32.dll) 3f10.212c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.dll 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedDllNotificationCallback: load 6c010000 LB 0x00018000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0] 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedDllNotificationCallback: load 6c8d0000 LB 0x00009000 C:\WINDOWS\system32\msacm32.drv [fFlags=0x0] 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c8d0000 'C:\WINDOWS\system32\msacm32.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c8d0000 'C:\WINDOWS\system32\msacm32.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c8d0000 'C:\WINDOWS\system32\msacm32.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c8d0000 'C:\WINDOWS\system32\msacm32.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c8d0000 'C:\WINDOWS\system32\msacm32.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c8d0000 'C:\WINDOWS\system32\msacm32.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c8d0000 'C:\WINDOWS\system32\msacm32.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c8d0000 'C:\WINDOWS\system32\msacm32.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c8d0000 'C:\WINDOWS\system32\msacm32.drv' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6c8d0000 'C:\WINDOWS\system32\msacm32.drv' 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. 3f10.212c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'winmm.dll'. 3f10.212c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\midimap.dll) 3f10.212c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\midimap.dll 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... 3f10.212c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] 3f10.212c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedDllNotificationCallback: load 6b780000 LB 0x00008000 C:\WINDOWS\system32\midimap.dll [fFlags=0x0] 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6b780000 'C:\WINDOWS\system32\midimap.dll' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6b780000 'C:\WINDOWS\system32\midimap.dll' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6b780000 'C:\WINDOWS\system32\midimap.dll' 3f10.212c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00001001: [calling] 3f10.212c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6b780000 'C:\WINDOWS\system32\midimap.dll' 3f10.20a4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] 3f10.20a4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000009: [calling] 3f10.20a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=6a410000 'C:\WINDOWS\System32\MMDevApi.dll' 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: 'C:\WINDOWS\system32\comctl32.dll' -> 'C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\comctl32.dll' [redir] 3f10.1bec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\comctl32.dll [lacks WinVerifyTrust] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\comctl32.dll (Input=C:\WINDOWS\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000001: [calling] 3f10.1bec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=718a0000 'C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\comctl32.dll' 1ee4.143c: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 4782 ms, the end);