Open
Description
When I start irpmonc it lists the current settings, and I see:
[INFO]: Collect process events: 0
Still the monitoring shows entries with:
Type = ImageLoad
Example of entries:
ID = 1316814
Time = 20/10/2023 07:36:07
Type = ImageLoad
File object = 0x0000000000000000
File name = \Device\HarddiskVolume3\Windows\System32\version.dll
Image base = 0x00007FF876980000
Image size = 40960
Signature type = None
Signature level = Unchecked
Thread ID = 10844
Process ID = 2916
Process name = WUDFHost.exe
IRQL = Passive
Emulated = True
Associated data = True
Data stripped = False
Data size = 104
Admin = False
Impersonated = False
ImpAdmin = False
Stack:
0: 0x00007FF885C2D5B4
1: 0x00007FF885BA4D42
2: 0x00007FF885BA4AAA
3: 0x00007FF885BEFDD3
4: 0x00007FF885BEF830
5: 0x00007FF885BEECF0
6: 0x00007FF885BEEC63
7: 0x00007FF885BF22B0
8: 0x00007FF885BE31FA
9: 0x00007FF883CF7614
10: 0x00007FF885BE26F1
ID = 1316815
Time = 20/10/2023 07:36:07
Type = ImageLoad
File object = 0x0000000000000000
File name = \Device\HarddiskVolume3\Windows\System32\ole32.dll
Image base = 0x00007FF883F50000
Image size = 1220608
Signature type = None
Signature level = Unchecked
Thread ID = 10844
Process ID = 2916
Process name = WUDFHost.exe
IRQL = Passive
Emulated = True
Associated data = True
Data stripped = False
Data size = 100
Admin = False
Impersonated = False
ImpAdmin = False
Stack:
0: 0x00007FF885C2D5B4
1: 0x00007FF885BA4D42
2: 0x00007FF885BA4AAA
3: 0x00007FF885BA4479
4: 0x00007FF885BA88A8
5: 0x00007FF885BA7B29
6: 0x00007FF885BA4C14
7: 0x00007FF885BEFDD3
8: 0x00007FF885BEFB00
9: 0x00007FF885BEED9F
10: 0x00007FF885BAFB53
11: 0x00007FF885BA73E4
12: 0x00007FF885BA6AF4
13: 0x00007FF8837C56B2
14: 0x00007FF875A14541
15: 0x00007FF8759E13E6
16: 0x00007FF8759E1506
17: 0x00007FF8759E1556
18: 0x00007FF875A22DED
19: 0x00007FF875A1CF5D
20: 0x00007FF875A22F53
21: 0x00007FF875A2E2E3
22: 0x00007FF875A2A9E0
23: 0x00007FF875A2BD3A
24: 0x00007FF875A2CEAC
25: 0x00007FF885C01769
26: 0x00007FF885BE31FA
27: 0x00007FF883CF7614
28: 0x00007FF885BE26F1
irpmonc startup dump of settings:
[INFO]: 0 parsers loaded
loading connector device-connector.dll
deviceName = \\.\irpmndrv
[INFO]: Driver settings:
[INFO]: Clear on disconnect: 1
[INFO]: Collect when disconnected: 0
[INFO]: Collect process events: 0
[INFO]: Collect file name events: 0
[INFO]: Collect object name events: 1
[INFO]: Process snapshot on connect: 1
[INFO]: Driver snapshot on connect: 0
[INFO]: Strip data: 1
[INFO]: Data strip threshold: 1024 bytes
[INFO]: Log boot: 0
[INFO]: Save to registry: 0
[INFO]:
[INFO]: Driver "\Driver\libusb0" is already hooked
[INFO]: Device "\Device\libusb00001" (0xffffbd04a27e0050) is already hooked
[INFO]: Driver "\Driver\libusb0" is already hooked
[INFO]: Device "\Device\libusb00001" (0xffffbd04a27e0050) is already hooked
[INFO]: Driver "\Driver\USBHUB3" is already hooked
[INFO]: Device "\Device\libusb00001" (0xffffbd04a27e0050) is already hooked
[INFO]: Already watching for driver "\Driver\libusb0"
[INFO]: Already watching for driver "libusb0.sys"
[INFO]: Connecting to the driver...
SuibianP
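The entries and the settings banner pasted above share a simple line-oriented layout (`Key = value` records, `N: 0xADDR` stack frames, `[INFO]: Name: value` settings). As an added example, not code from the issue or from the IRPMon project, here is a small Python parser for that layout that turns such a dump into dicts and then checks the discrepancy the report describes: ImageLoad entries present while the banner says `Collect process events` is 0. The sample input is a trimmed, constructed copy of the output pasted above, and treating ImageLoad as a process event is an assumption the issue itself does not confirm.

```python
import re
from collections import Counter, defaultdict

# Constructed sample: startup banner lines plus two entries copied from the issue,
# with most fields and stack frames trimmed. Not a live capture.
SAMPLE_DUMP = r"""
[INFO]: Driver settings:
[INFO]: Collect process events: 0
[INFO]: Data strip threshold: 1024 bytes
[INFO]: Driver "\Driver\libusb0" is already hooked
ID = 1316814
Time = 20/10/2023 07:36:07
Type = ImageLoad
File name = \Device\HarddiskVolume3\Windows\System32\version.dll
Image base = 0x00007FF876980000
Image size = 40960
Signature level = Unchecked
Process ID = 2916
Process name = WUDFHost.exe
Emulated = True
Stack:
0: 0x00007FF885C2D5B4
1: 0x00007FF885BA4D42
2: 0x00007FF885BA4AAA
ID = 1316815
Time = 20/10/2023 07:36:07
Type = ImageLoad
File name = \Device\HarddiskVolume3\Windows\System32\ole32.dll
Image base = 0x00007FF883F50000
Image size = 1220608
Signature level = Unchecked
Process ID = 2916
Process name = WUDFHost.exe
Emulated = True
Stack:
0: 0x00007FF885C2D5B4
1: 0x00007FF885BA4D42
"""

KV_RE = re.compile(r"^([A-Za-z][A-Za-z ]*?) = (.*)$")          # "Key = value"
FRAME_RE = re.compile(r"^(\d+): (0x[0-9A-Fa-f]+)$")            # "N: 0xADDR"
SETTING_RE = re.compile(r"^\[INFO\]: ([A-Za-z][A-Za-z ]*): (.+)$")  # banner settings
INT_FIELDS = {"ID", "Image size", "Data size", "Thread ID", "Process ID"}
HEX_FIELDS = {"File object", "Image base"}


def _coerce(key, value):
    """Convert numeric and boolean fields to Python values; keep the rest as text."""
    if key in INT_FIELDS:
        return int(value)
    if key in HEX_FIELDS:
        return int(value, 16)
    if value in ("True", "False"):
        return value == "True"
    return value


def parse_settings(text):
    """Collect the '[INFO]: Name: value' banner lines into a dict (digits become ints)."""
    settings = {}
    for line in text.splitlines():
        m = SETTING_RE.match(line.strip())
        if m:
            name, value = m.groups()
            settings[name] = int(value) if value.isdigit() else value
    return settings


def parse_records(text):
    """One dict per entry; a new entry starts at each 'ID = ' line, 'Stack' holds ints."""
    records, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("ID = "):
            current = {"Stack": []}
            records.append(current)
        if current is None or not line:
            continue  # banner lines before the first entry, blank lines
        frame = FRAME_RE.match(line)
        if frame:
            current["Stack"].append(int(frame.group(2), 16))
            continue
        kv = KV_RE.match(line)
        if kv:
            key, value = kv.groups()
            current[key] = _coerce(key, value)
    return records


def count_by_type(records):
    """How many entries of each Type the dump contains."""
    return Counter(r.get("Type") for r in records)


def image_loads_by_process(records):
    """Map (Process ID, Process name) -> loaded image paths, in capture order."""
    by_proc = defaultdict(list)
    for r in records:
        if r.get("Type") == "ImageLoad":
            by_proc[(r["Process ID"], r["Process name"])].append(r["File name"])
    return dict(by_proc)


def unexpected_image_loads(settings, records):
    """IDs of ImageLoad entries seen although 'Collect process events' is 0.
    Assumption (not confirmed by the issue): ImageLoad counts as a process event."""
    if settings.get("Collect process events") != 0:
        return []
    return [r["ID"] for r in records if r.get("Type") == "ImageLoad"]


if __name__ == "__main__":
    s, recs = parse_settings(SAMPLE_DUMP), parse_records(SAMPLE_DUMP)
    print(count_by_type(recs), image_loads_by_process(recs))
    print("ImageLoad IDs despite setting = 0:", unexpected_image_loads(s, recs))
```

Run against a real irpmonc dump by reading the file into `parse_settings` and `parse_records`; the grouped output makes it easy to see which processes produced the unexpected ImageLoad entries and whether their signature level was actually checked.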