3404.3780: Log file opened: 5.2.12r122591 g_hStartupLog=0000000000000088 g_uNtVerCombined=0x611db110 3404.3780: \SystemRoot\System32\ntdll.dll: 3404.3780: CreationTime: 2018-06-22T15:03:35.229878100Z 3404.3780: LastWriteTime: 2018-05-29T02:35:17.561156900Z 3404.3780: ChangeTime: 2018-07-02T07:00:56.964942900Z 3404.3780: FileAttributes: 0x20 3404.3780: Size: 0x196938 3404.3780: NT Headers: 0xe0 3404.3780: Timestamp: 0x5b0cbc1e 3404.3780: Machine: 0x8664 - amd64 3404.3780: Timestamp: 0x5b0cbc1e 3404.3780: Image Version: 6.1 3404.3780: SizeOfImage: 0x19f000 (1699840) 3404.3780: Resource Dir: 0x142000 LB 0x5a038 3404.3780: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 3404.3780: [Raw version resource data: 0x1420f0 LB 0x38c, codepage 0x0 (reserved 0x0)] 3404.3780: ProductName: Microsoft® Windows® Operating System 3404.3780: ProductVersion: 6.1.7601.24150 3404.3780: FileVersion: 6.1.7601.24150 (win7sp1_ldr_escrow.180528-1700) 3404.3780: FileDescription: NT Layer DLL 3404.3780: \SystemRoot\System32\kernel32.dll: 3404.3780: CreationTime: 2018-06-22T15:03:37.531074900Z 3404.3780: LastWriteTime: 2018-05-29T02:32:26.690000000Z 3404.3780: ChangeTime: 2018-07-02T07:01:01.402581000Z 3404.3780: FileAttributes: 0x20 3404.3780: Size: 0x11c000 3404.3780: NT Headers: 0xe0 3404.3780: Timestamp: 0x5b0cbc64 3404.3780: Machine: 0x8664 - amd64 3404.3780: Timestamp: 0x5b0cbc64 3404.3780: Image Version: 6.1 3404.3780: SizeOfImage: 0x11f000 (1175552) 3404.3780: Resource Dir: 0x116000 LB 0x530 3404.3780: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 3404.3780: [Raw version resource data: 0x1160b0 LB 0x3b0, codepage 0x0 (reserved 0x0)] 3404.3780: ProductName: Microsoft® Windows® Operating System 3404.3780: ProductVersion: 6.1.7601.24150 3404.3780: FileVersion: 6.1.7601.24150 (win7sp1_ldr_escrow.180528-1700) 3404.3780: FileDescription: Windows NT BASE API Client DLL 3404.3780: \SystemRoot\System32\KernelBase.dll: 3404.3780: CreationTime: 2018-06-22T15:03:42.884879700Z 3404.3780: LastWriteTime: 2018-05-29T02:32:26.706000000Z 3404.3780: ChangeTime: 2018-07-02T07:01:01.449623100Z 3404.3780: FileAttributes: 0x20 3404.3780: Size: 0x66800 3404.3780: NT Headers: 0xe8 3404.3780: Timestamp: 0x5b0cbc65 3404.3780: Machine: 0x8664 - amd64 3404.3780: Timestamp: 0x5b0cbc65 3404.3780: Image Version: 6.1 3404.3780: SizeOfImage: 0x6a000 (434176) 3404.3780: Resource Dir: 0x68000 LB 0x538 3404.3780: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 3404.3780: [Raw version resource data: 0x680b0 LB 0x3b8, codepage 0x0 (reserved 0x0)] 3404.3780: ProductName: Microsoft® Windows® Operating System 3404.3780: ProductVersion: 6.1.7601.24150 3404.3780: FileVersion: 6.1.7601.24150 (win7sp1_ldr_escrow.180528-1700) 3404.3780: FileDescription: Windows NT BASE API Client DLL 3404.3780: \SystemRoot\System32\apisetschema.dll: 3404.3780: CreationTime: 2018-06-22T15:03:58.758441300Z 3404.3780: LastWriteTime: 2018-05-29T02:32:21.268000000Z 3404.3780: ChangeTime: 2018-07-02T07:00:56.400437700Z 3404.3780: FileAttributes: 0x20 3404.3780: Size: 0x1c00 3404.3780: NT Headers: 0xc0 3404.3780: Timestamp: 0x5b0cbbfe 3404.3780: Machine: 0x8664 - amd64 3404.3780: Timestamp: 0x5b0cbbfe 3404.3780: Image Version: 6.1 3404.3780: SizeOfImage: 0x50000 (327680) 3404.3780: Resource Dir: 0x30000 LB 0x408 3404.3780: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 3404.3780: [Raw version resource data: 0x30060 LB 0x3a4, codepage 0x0 (reserved 0x0)] 3404.3780: ProductName: Microsoft® Windows® Operating System 3404.3780: ProductVersion: 6.1.7601.24150 3404.3780: FileVersion: 6.1.7601.24150 (win7sp1_ldr_escrow.180528-1700) 3404.3780: FileDescription: ApiSet Schema DLL 3404.3780: NtOpenDirectoryObject failed on \Driver: 0xc0000022 3404.3780: supR3HardenedWinFindAdversaries: 0x0 3404.3780: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox' 3404.3780: Calling main() 3404.3780: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 3404.3780: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox' 3404.3780: SUPR3HardenedMain: Respawn #1 3404.3780: System32: \Device\HarddiskVolume2\Windows\System32 3404.3780: WinSxS: \Device\HarddiskVolume2\Windows\winsxs 3404.3780: KnownDllPath: C:\Windows\system32 3404.3780: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 3404.3780: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe) 3404.3780: supR3HardNtEnableThreadCreation: 3404.3780: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077293740 pvNtTerminateThread=00000000772b9dd0 3404.3780: supR3HardenedWinDoReSpawn(1): New child fe4.2878 [kernel32]. 3404.3780: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380 3404.3780: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077250000 uNtDllChildAddr=0000000077250000 3404.3780: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000077293740 3404.3780: supR3HardenedWinSetupChildInit: Start child. 3404.3780: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms. 3404.3780: supR3HardNtChildPurify: Startup delay kludge #1/0: 258 ms, 32 sleeps 3404.3780: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 3404.3780: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000 3404.3780: *0000000000010000-000000000002ffff 0x0004/0x0004 0x0020000 3404.3780: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000 3404.3780: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000 3404.3780: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000 3404.3780: 0000000000041000-00000000000cffff 0x0001/0x0000 0x0000000 3404.3780: *00000000000d0000-00000000001cbfff 0x0000/0x0004 0x0020000 3404.3780: 00000000001cc000-00000000001cdfff 0x0104/0x0004 0x0020000 3404.3780: 00000000001ce000-00000000001cffff 0x0004/0x0004 0x0020000 3404.3780: 00000000001d0000-000000007724ffff 0x0001/0x0000 0x0000000 3404.3780: *0000000077250000-0000000077250fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 3404.3780: 0000000077251000-0000000077374fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 3404.3780: 0000000077375000-000000007737afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 3404.3780: 000000007737b000-000000007737bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 3404.3780: 000000007737c000-0000000077383fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 3404.3780: 0000000077384000-00000000773eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 3404.3780: 00000000773ef000-000000007efdffff 0x0001/0x0000 0x0000000 3404.3780: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000 3404.3780: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 3404.3780: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000 3404.3780: 000000007fff0000-000000013ff8ffff 0x0001/0x0000 0x0000000 3404.3780: *000000013ff90000-000000013ff90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 3404.3780: 000000013ff91000-0000000140001fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 3404.3780: 0000000140002000-0000000140002fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 3404.3780: 0000000140003000-0000000140048fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 3404.3780: 0000000140049000-0000000140049fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 3404.3780: 000000014004a000-000000014004afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 3404.3780: 000000014004b000-000000014004ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 3404.3780: 0000000140050000-0000000140050fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 3404.3780: 0000000140051000-0000000140051fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 3404.3780: 0000000140052000-0000000140055fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 3404.3780: 0000000140056000-000000014009dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe 3404.3780: 000000014009e000-000007feff54ffff 0x0001/0x0000 0x0000000 3404.3780: *000007feff550000-000007feff550fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll 3404.3780: 000007feff551000-000007fffffaffff 0x0001/0x0000 0x0000000 3404.3780: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000 3404.3780: 000007fffffd3000-000007fffffdcfff 0x0001/0x0000 0x0000000 3404.3780: *000007fffffdd000-000007fffffdefff 0x0004/0x0004 0x0020000 3404.3780: *000007fffffdf000-000007fffffdffff 0x0004/0x0004 0x0020000 3404.3780: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000 3404.3780: apisetschema.dll: timestamp 0x5b0cbbfe (rc=VINF_SUCCESS) 3404.3780: VirtualBox.exe: timestamp 0x5af2c2c3 (rc=VINF_SUCCESS) 3404.3780: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 3404.3780: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports 3404.3780: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports 3404.3780: supR3HardNtChildPurify: Done after 303 ms and 0 fixes (loop #0). 3404.3780: supR3HardNtEnableThreadCreation: fe4.2878: Log file opened: 5.2.12r122591 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100 fe4.2878: supR3HardenedVmProcessInit: uNtDllAddr=0000000077250000 g_uNtVerCombined=0x611db100 fe4.2878: ntdll.dll: timestamp 0x5b0cbc1e (rc=VINF_SUCCESS) fe4.2878: New simple heap: #1 00000000002d0000 LB 0x400000 (for 1699840 allocation) fe4.2878: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox' fe4.2878: System32: \Device\HarddiskVolume2\Windows\System32 fe4.2878: WinSxS: \Device\HarddiskVolume2\Windows\winsxs fe4.2878: KnownDllPath: C:\Windows\system32 fe4.2878: supR3HardenedVmProcessInit: Opening vboxdrv stub... fe4.2878: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk... fe4.2878: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk... fe4.2878: Registered Dll notification callback with NTDLL. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000: [calling] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 0000000077030000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefd200000 LB 0x0006a000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0] fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077030000 'C:\Windows\system32\kernel32.dll' fe4.2878: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077293740 pvNtTerminateThread=00000000772b9dd0 3404.3780: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 48 ms. fe4.2878: \SystemRoot\System32\ntdll.dll: fe4.2878: CreationTime: 2018-06-22T15:03:35.229878100Z fe4.2878: LastWriteTime: 2018-05-29T02:35:17.561156900Z fe4.2878: ChangeTime: 2018-07-02T07:00:56.964942900Z fe4.2878: FileAttributes: 0x20 fe4.2878: Size: 0x196938 fe4.2878: NT Headers: 0xe0 fe4.2878: Timestamp: 0x5b0cbc1e fe4.2878: Machine: 0x8664 - amd64 fe4.2878: Timestamp: 0x5b0cbc1e fe4.2878: Image Version: 6.1 fe4.2878: SizeOfImage: 0x19f000 (1699840) fe4.2878: Resource Dir: 0x142000 LB 0x5a038 fe4.2878: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] fe4.2878: [Raw version resource data: 0x1420f0 LB 0x38c, codepage 0x0 (reserved 0x0)] fe4.2878: ProductName: Microsoft® Windows® Operating System fe4.2878: ProductVersion: 6.1.7601.24150 fe4.2878: FileVersion: 6.1.7601.24150 (win7sp1_ldr_escrow.180528-1700) fe4.2878: FileDescription: NT Layer DLL fe4.2878: \SystemRoot\System32\kernel32.dll: fe4.2878: CreationTime: 2018-06-22T15:03:37.531074900Z fe4.2878: LastWriteTime: 2018-05-29T02:32:26.690000000Z fe4.2878: ChangeTime: 2018-07-02T07:01:01.402581000Z fe4.2878: FileAttributes: 0x20 fe4.2878: Size: 0x11c000 fe4.2878: NT Headers: 0xe0 fe4.2878: Timestamp: 0x5b0cbc64 fe4.2878: Machine: 0x8664 - amd64 fe4.2878: Timestamp: 0x5b0cbc64 fe4.2878: Image Version: 6.1 fe4.2878: SizeOfImage: 0x11f000 (1175552) fe4.2878: Resource Dir: 0x116000 LB 0x530 fe4.2878: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] fe4.2878: [Raw version resource data: 0x1160b0 LB 0x3b0, codepage 0x0 (reserved 0x0)] fe4.2878: ProductName: Microsoft® Windows® Operating System fe4.2878: ProductVersion: 6.1.7601.24150 fe4.2878: FileVersion: 6.1.7601.24150 (win7sp1_ldr_escrow.180528-1700) fe4.2878: FileDescription: Windows NT BASE API Client DLL fe4.2878: \SystemRoot\System32\KernelBase.dll: fe4.2878: CreationTime: 2018-06-22T15:03:42.884879700Z fe4.2878: LastWriteTime: 2018-05-29T02:32:26.706000000Z fe4.2878: ChangeTime: 2018-07-02T07:01:01.449623100Z fe4.2878: FileAttributes: 0x20 fe4.2878: Size: 0x66800 fe4.2878: NT Headers: 0xe8 fe4.2878: Timestamp: 0x5b0cbc65 fe4.2878: Machine: 0x8664 - amd64 fe4.2878: Timestamp: 0x5b0cbc65 fe4.2878: Image Version: 6.1 fe4.2878: SizeOfImage: 0x6a000 (434176) fe4.2878: Resource Dir: 0x68000 LB 0x538 fe4.2878: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] fe4.2878: [Raw version resource data: 0x680b0 LB 0x3b8, codepage 0x0 (reserved 0x0)] fe4.2878: ProductName: Microsoft® Windows® Operating System fe4.2878: ProductVersion: 6.1.7601.24150 fe4.2878: FileVersion: 6.1.7601.24150 (win7sp1_ldr_escrow.180528-1700) fe4.2878: FileDescription: Windows NT BASE API Client DLL fe4.2878: \SystemRoot\System32\apisetschema.dll: fe4.2878: CreationTime: 2018-06-22T15:03:58.758441300Z fe4.2878: LastWriteTime: 2018-05-29T02:32:21.268000000Z fe4.2878: ChangeTime: 2018-07-02T07:00:56.400437700Z fe4.2878: FileAttributes: 0x20 fe4.2878: Size: 0x1c00 fe4.2878: NT Headers: 0xc0 fe4.2878: Timestamp: 0x5b0cbbfe fe4.2878: Machine: 0x8664 - amd64 fe4.2878: Timestamp: 0x5b0cbbfe fe4.2878: Image Version: 6.1 fe4.2878: SizeOfImage: 0x50000 (327680) fe4.2878: Resource Dir: 0x30000 LB 0x408 fe4.2878: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] fe4.2878: [Raw version resource data: 0x30060 LB 0x3a4, codepage 0x0 (reserved 0x0)] fe4.2878: ProductName: Microsoft® Windows® Operating System fe4.2878: ProductVersion: 6.1.7601.24150 fe4.2878: FileVersion: 6.1.7601.24150 (win7sp1_ldr_escrow.180528-1700) fe4.2878: FileDescription: ApiSet Schema DLL fe4.2878: NtOpenDirectoryObject failed on \Driver: 0xc0000022 fe4.2878: supR3HardenedWinFindAdversaries: 0x0 fe4.2878: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox' fe4.2878: Calling main() fe4.2878: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 fe4.2878: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox' fe4.2878: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports fe4.2878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe) fe4.2878: SUPR3HardenedMain: Respawn #2 fe4.2878: supR3HardNtEnableThreadCreation: fe4.2878: Error -104 in supR3HardenedWinReSpawn! (enmWhat=5) fe4.2878: Error relaunching VirtualBox VM process: 5 Command line: '60eaff78-4bdd-042d-2e72-669728efd737-suplib-3rdchild --comment FLUPIX2 --startvm 86e32492-6002-4546-b3e0-42639716ea7c --no-startvm-errormsgbox "--sup-hardening-log=C:\Users\mgi12\VirtualBox VMs\FLUPIX2\Logs\VBoxHardening.log"' fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\winmm.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ole32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shell32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] fe4.2878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\glu32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008] fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\mpr.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\mpr.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\winspool.drv) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll' [rcNtRedir=0x0] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008] fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\nsi.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devobj.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c54b1: [calling] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007febe480000 LB 0x00a06000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fec56e0000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefdbc0000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefd370000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll fe4.2878: supR3HardenedDllNotificationCallback: load 000007feff430000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefda90000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007feff450000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 0000000077150000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefd360000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\lpk.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007feff360000 LB 0x000cb000 C:\Windows\system32\USP10.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\usp10.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fef9a60000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fec4d70000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefa0e0000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefdc90000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefd1c0000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefed10000 LB 0x000da000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefd870000 LB 0x001fd000 C:\Windows\system32\ole32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefd270000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devobj.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefb3c0000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fec46d0000 LB 0x00590000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 0000000078c60000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 0000000078f90000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefd820000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefedf0000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\nsi.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 0000000066180000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefde70000 LB 0x00d8b000 C:\Windows\system32\SHELL32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007feff4c0000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\mpr.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fef9e20000 LB 0x00018000 C:\Windows\system32\MPR.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\mpr.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007febd5c0000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 0000000064f20000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fec6110000 LB 0x00051000 C:\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefb140000 LB 0x00071000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefee00000 LB 0x00097000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll fe4.2878: supR3HardenedDllNotificationCallback: load 000007fef9130000 LB 0x000a0000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\COMCTL32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 0000000062380000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fef9be0000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c42f1: [calling] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefdc60000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefec00000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdc60000 'C:\Windows\system32\IMM32.DLL' fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'psapi.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files (x86)\Sophos\Sophos Anti-Virus\SOPHOS~2.DLL) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files (x86)\Sophos\Sophos Anti-Virus\SOPHOS~2.DLL fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\psapi.dll' [rcNtRedir=0xc0150008] fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\psapi.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\psapi.dll fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c3f01: [calling] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files (x86)\Sophos\Sophos Anti-Virus\SOPHOS~2.DLL [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 0000000074c70000 LB 0x00039000 C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files (x86)\Sophos\Sophos Anti-Virus\SOPHOS~2.DLL [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 0000000077400000 LB 0x00007000 C:\Windows\system32\PSAPI.DLL [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\psapi.dll [lacks WinVerifyTrust] fe4.2878: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports fe4.2878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntdll.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntdll.dll fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c3521: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077250000 'C:\Windows\system32\ntdll.dll' fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000074c70000 'C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff450000 'C:\Windows\system32\gdi32.dll' fe4.2878: supR3HardenedIsApiSetDll: '' -> true fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000001c45f1: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077030000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2bf1: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2bf1: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2bf1: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2bf1: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2bf1: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2bf1: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2bf1: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2bf1: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec46d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c4a81: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdc60000 'C:\Windows\system32\imm32.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c4961: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd370000 'C:\Windows\system32\ADVAPI32.DLL' fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptbase.dll (Input=cryptbase.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000: [calling] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefcdc0000 LB 0x0000f000 C:\Windows\system32\cryptbase.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdc0000 'C:\Windows\system32\cryptbase.dll' fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007febe480000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c1e21: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd870000 'C:\Windows\system32\ole32.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2021: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd370000 'C:\Windows\system32\ADVAPI32.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c0e31: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077030000 'C:\Windows\system32\kernel32.dll' fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\profapi.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c0501: [calling] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefcf20000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf20000 'C:\Windows\system32\profapi.dll' fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c27f1: [calling] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fec45a0000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fec45a0000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2721: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdc0000 'C:\Windows\system32\CRYPTBASE.dll' fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c21f1: [calling] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefb910000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb910000 'C:\Windows\system32\uxtheme.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c1c31: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb910000 'C:\Windows\system32\uxtheme.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077150000 'C:\Windows\system32\user32.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2a31: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde70000 'C:\Windows\system32\shell32.dll' fe4.2878: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 127 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0 fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\wintab32.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwmapi.dll (Input=dwmapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c20d1: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3c0000 'C:\Windows\system32\dwmapi.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2e51: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9be0000 'C:\Windows\system32\winmm.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2e51: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9be0000 'C:\Windows\system32\winmm.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c3131: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde70000 'C:\Windows\system32\shell32.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c3101: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb910000 'C:\Windows\system32\uxtheme.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff450000 'C:\Windows\system32\gdi32.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefda90000 'C:\Windows\system32\rpcrt4.dll' fe4.2878: supR3HardenedIsApiSetDll: '' -> true fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000001c1ca1: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff430000 'API-MS-Win-Security-LSALookup-L1-1-0.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd370000 'C:\Windows\system32\ADVAPI32.dll' fe4.2878: supR3HardenedIsApiSetDll: '' -> true fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000001c2561: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff430000 'API-MS-Win-Security-LSALookup-L1-1-0.dll' fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c27a1: [calling] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefc750000 LB 0x00018000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc750000 'C:\Windows\system32\CRYPTSP.dll' fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c26b1: [calling] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefc450000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc450000 'C:\Windows\system32\rsaenh.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd370000 'C:\Windows\system32\ADVAPI32.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c22c1: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdc0000 'C:\Windows\system32\CRYPTBASE.dll' fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\RpcRtRemote.dll (Input=RpcRtRemote.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2361: [calling] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefcdd0000 LB 0x00014000 C:\Windows\system32\RpcRtRemote.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdd0000 'C:\Windows\system32\RpcRtRemote.dll' fe4.2878: supHardenedWinVerifyImageByHandle: -> -23021 (\Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll) fe4.2878: Error (rc=0): fe4.2878: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll: None of the 1 path(s) have a trust anchor.: \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll fe4.2878: Error (rc=0): fe4.2878: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll' (C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll): rcNt=0xc0000190 fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -23021 (0xffffa613)) on \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll [lacks WinVerifyTrust] fe4.2878: Error (rc=0): fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 cHits=1 \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll fe4.2878: Error (rc=0): fe4.2878: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll' (C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll): rcNt=0xc0000190 fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINMM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385f2f1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9be0000 'C:\Windows\system32\WINMM.dll' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385f651: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd870000 'C:\Windows\system32\ole32.dll' fe4.bb8: supR3HardenedIsApiSetDll: '' -> true fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000385f231: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff430000 'API-MS-WIN-Service-Management-L1-1-0.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -23021 (0xffffa613)) on \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll [lacks WinVerifyTrust] fe4.2878: Error (rc=0): fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 cHits=2 \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll fe4.2878: Error (rc=0): fe4.2878: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll' (C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll): rcNt=0xc0000190 fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll' fe4.bb8: supR3HardenedIsApiSetDll: '' -> true fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000385f231: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff430000 'API-MS-WIN-Service-winsvc-L1-1-0.dll' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefda90000 'C:\Windows\system32\RPCRT4.dll' fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'propsys.dll'. fe4.bb8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll) fe4.bb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume2\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'. fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'. fe4.bb8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\propsys.dll) fe4.bb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\propsys.dll fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDevAPI.DLL (Input=MMDevAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385f291: [calling] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c1fc1: [calling] fe4.bb8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedDllNotificationCallback: load 000007fefb510000 LB 0x0004b000 C:\Windows\system32\MMDevAPI.DLL [fFlags=0x0] fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\propsys.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedDllNotificationCallback: load 000007fefb3e0000 LB 0x0012c000 C:\Windows\system32\PROPSYS.dll [fFlags=0x0] fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\propsys.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd370000 'C:\Windows\system32\ADVAPI32.dll' fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb510000 'C:\Windows\system32\MMDevAPI.DLL' fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd870000 'C:\Windows\system32\ole32.dll' fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ksuser.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'avrt.dll'. fe4.bb8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wdmaud.drv) fe4.bb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008] fe4.bb8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\avrt.dll) fe4.bb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\avrt.dll fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume2\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.bb8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ksuser.dll) fe4.bb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ksuser.dll fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -23021 (0xffffa613)) on \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll [lacks WinVerifyTrust] fe4.2878: Error (rc=0): fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 cHits=3 \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll fe4.2878: Error (rc=0): fe4.2878: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll' (C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll): rcNt=0xc0000190 fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll' fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385ee01: [calling] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -23021 (0xffffa613)) on \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll [lacks WinVerifyTrust] fe4.2878: Error (rc=0): fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 cHits=4 \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll fe4.2878: Error (rc=0): fe4.2878: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll' (C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll): rcNt=0xc0000190 fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll' fe4.bb8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedDllNotificationCallback: load 000007fefa440000 LB 0x0003b000 C:\Windows\system32\wdmaud.drv [fFlags=0x0] fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedDllNotificationCallback: load 0000000072d20000 LB 0x00006000 C:\Windows\system32\ksuser.dll [fFlags=0x0] fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -23021 (0xffffa613)) on \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll [lacks WinVerifyTrust] fe4.2878: Error (rc=0): fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 cHits=5 \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll fe4.2878: Error (rc=0): fe4.bb8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\avrt.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedDllNotificationCallback: load 000007fefaaa0000 LB 0x00009000 C:\Windows\system32\AVRT.dll [fFlags=0x0] fe4.2878: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll' (C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll): rcNt=0xc0000190 fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\avrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll' fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385ee01: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385efb1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385f141: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb510000 'C:\Windows\system32\MMDEVAPI.DLL' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd870000 'C:\Windows\system32\ole32.dll' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SETUPAPI.dll (Input=SETUPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385eee1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdc90000 'C:\Windows\system32\SETUPAPI.dll' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385efb1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385efb1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385e881: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff4c0000 'C:\Windows\system32\SHLWAPI.dll' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd870000 'C:\Windows\system32\ole32.dll' fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'. fe4.bb8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\AudioSes.dll) fe4.bb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385efc1: [calling] fe4.bb8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedDllNotificationCallback: load 000007fef9b00000 LB 0x0004f000 C:\Windows\system32\AUDIOSES.DLL [fFlags=0x0] fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9b00000 'C:\Windows\system32\AUDIOSES.DLL' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385efb1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385efb1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINMM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001be9b1: [calling] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9be0000 'C:\Windows\system32\WINMM.dll' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385efb1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa440000 'C:\Windows\system32\wdmaud.drv' fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msacm32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'mmdevapi.dll'. fe4.bb8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msacm32.drv) fe4.bb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.drv fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'. fe4.bb8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msacm32.dll) fe4.bb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.dll fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385edb1: [calling] fe4.bb8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedDllNotificationCallback: load 000007fefa210000 LB 0x0000a000 C:\Windows\system32\msacm32.drv [fFlags=0x0] fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedDllNotificationCallback: load 000007fefa1f0000 LB 0x00018000 C:\Windows\system32\MSACM32.dll [fFlags=0x0] fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa210000 'C:\Windows\system32\msacm32.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385e7b1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa210000 'C:\Windows\system32\msacm32.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385e7b1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa210000 'C:\Windows\system32\msacm32.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385e7b1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa210000 'C:\Windows\system32\msacm32.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385e7b1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa210000 'C:\Windows\system32\msacm32.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385e7b1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa210000 'C:\Windows\system32\msacm32.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385e7b1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa210000 'C:\Windows\system32\msacm32.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa210000 'C:\Windows\system32\msacm32.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa210000 'C:\Windows\system32\msacm32.drv' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa210000 'C:\Windows\system32\msacm32.drv' fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'. fe4.bb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'. fe4.bb8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\midimap.dll) fe4.bb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\midimap.dll fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.bb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.bb8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385edb1: [calling] fe4.bb8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedDllNotificationCallback: load 000007fefa1e0000 LB 0x00009000 C:\Windows\system32\midimap.dll [fFlags=0x0] fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1e0000 'C:\Windows\system32\midimap.dll' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385e781: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1e0000 'C:\Windows\system32\midimap.dll' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385e781: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1e0000 'C:\Windows\system32\midimap.dll' fe4.bb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000385edb1: [calling] fe4.bb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1e0000 'C:\Windows\system32\midimap.dll' fe4.2d30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2d30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'. fe4.2d30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. fe4.2d30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'. fe4.2d30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'. fe4.2d30: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'. fe4.2d30: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll) fe4.2d30: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll fe4.2d30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... fe4.2d30: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] fe4.2d30: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.2d30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... fe4.2d30: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] fe4.2d30: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] fe4.2d30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... fe4.2d30: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] fe4.2d30: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust] fe4.2d30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... fe4.2d30: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] fe4.2d30: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust] fe4.2d30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... fe4.2d30: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] fe4.2d30: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust] fe4.2d30: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2d30: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2d30: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2d30: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000419eda1: [calling] fe4.2d30: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll [lacks WinVerifyTrust] fe4.2d30: supR3HardenedDllNotificationCallback: load 000007fefd780000 LB 0x00099000 C:\Windows\system32\CLBCatQ.DLL [fFlags=0x0] fe4.2d30: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll [lacks WinVerifyTrust] fe4.2d30: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd780000 'C:\Windows\system32\CLBCatQ.DLL' fe4.2d30: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll [lacks WinVerifyTrust] fe4.2d30: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\audioses.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000419da91: [calling] fe4.2d30: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9b00000 'C:\Windows\System32\audioses.dll' fe4.33f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust] fe4.33f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CFGMGR32.dll (Input=CFGMGR32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000399f8a1: [calling] fe4.33f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1c0000 'C:\Windows\system32\CFGMGR32.dll' fe4.2d30: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust] fe4.2d30: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000419f7e1: [calling] fe4.2d30: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\Windows\system32\OLEAUT32.dll' fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -23021 (0xffffa613)) on \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll [lacks WinVerifyTrust] fe4.2878: Error (rc=0): fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -23021 (0xffffa613) fImage=1 fProtect=0x0 fAccess=0x0 cHits=6 \Device\HarddiskVolume2\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll fe4.2878: Error (rc=0): fe4.2878: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll' (C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll): rcNt=0xc0000190 fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll' fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008] fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. fe4.2878: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'. fe4.2878: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll) fe4.2878: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... fe4.2878: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] fe4.2878: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.dll (Input=WINTRUST.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000001c2c11: [calling] fe4.2878: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefd180000 LB 0x0003b000 C:\Windows\system32\WINTRUST.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefcf60000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedDllNotificationCallback: load 000007fefcf30000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0] fe4.2878: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust] fe4.2878: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd180000 'C:\Windows\system32\WINTRUST.dll' 3404.3780: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 109345 ms, the end);