diff --git a/.gitignore b/.gitignore
index 6ed8449..9e15d05 100644
--- a/.gitignore
+++ b/.gitignore
@@ -30,6 +30,7 @@ Gemfile.lock
 .env.*.local
 
 # Ignore Linux build artifacts and special files
+aethex-linux-build/rootfs/
 shell/aethex-shell/aethex-linux-build/rootfs/
 !shell/aethex-shell/aethex-linux-build/rootfs/**/*.sh
 !shell/aethex-shell/aethex-linux-build/rootfs/**/*.conf
diff --git a/.vs/AeThexOS/FileContentIndex/f7d994f1-381b-47c8-b413-c37b01584371.vsidx b/.vs/AeThexOS/FileContentIndex/f7d994f1-381b-47c8-b413-c37b01584371.vsidx
new file mode 100644
index 0000000..636366f
Binary files /dev/null and b/.vs/AeThexOS/FileContentIndex/f7d994f1-381b-47c8-b413-c37b01584371.vsidx differ
diff --git a/.vs/AeThexOS/v17/.wsuo b/.vs/AeThexOS/v17/.wsuo
new file mode 100644
index 0000000..9d87f42
Binary files /dev/null and b/.vs/AeThexOS/v17/.wsuo differ
diff --git a/.vs/AeThexOS/v17/DocumentLayout.json b/.vs/AeThexOS/v17/DocumentLayout.json
new file mode 100644
index 0000000..68ee018
--- /dev/null
+++ b/.vs/AeThexOS/v17/DocumentLayout.json
@@ -0,0 +1,23 @@
+{
+  "Version": 1,
+  "WorkspaceRootPath": "C:\\Users\\PCOEM\\AeThexOS\\",
+  "Documents": [],
+  "DocumentGroupContainers": [
+    {
+      "Orientation": 0,
+      "VerticalTabListWidth": 256,
+      "DocumentGroups": [
+        {
+          "DockedWidth": 200,
+          "SelectedChildIndex": -1,
+          "Children": [
+            {
+              "$type": "Bookmark",
+              "Name": "ST:0:0:{cce594b6-0c39-4442-ba28-10c64ac7e89f}"
+            }
+          ]
+        }
+      ]
+    }
+  ]
+}
\ No newline at end of file
diff --git a/.vs/VSWorkspaceState.json b/.vs/VSWorkspaceState.json
new file mode 100644
index 0000000..6b61141
--- /dev/null
+++ b/.vs/VSWorkspaceState.json
@@ -0,0 +1,6 @@
+{
+  "ExpandedNodes": [
+    ""
+  ],
+  "PreviewInSolutionExplorer": false
+}
\ No newline at end of file
diff --git a/.vs/slnx.sqlite b/.vs/slnx.sqlite
new file mode 100644
index 0000000..2aac13a
Binary files /dev/null and b/.vs/slnx.sqlite differ
diff --git a/AeThexOS_V5/AeThexOS_V5.vbox b/AeThexOS_V5/AeThexOS_V5.vbox
new file mode 100644
index 0000000..74df575
--- /dev/null
+++ b/AeThexOS_V5/AeThexOS_V5.vbox
@@ -0,0 +1,73 @@
+<?xml version="1.0"?>
+<!--
+** DO NOT EDIT THIS FILE.
+** If you make changes to this file while any VirtualBox related application
+** is running, your changes will be overwritten later, without taking effect.
+** Use VBoxManage or the VirtualBox Manager GUI to make changes.
+**
+** Written by VirtualBox 7.2.4 (r170995)
+-->
+<VirtualBox xmlns="http://www.virtualbox.org/" version="1.19-windows">
+  <Machine uuid="{8c1c17d5-577f-49b7-a0f9-a2a911c386b1}" name="AeThexOS_V5" OSType="Ubuntu_64" snapshotFolder="Snapshots" lastStateChange="2026-02-06T05:50:10Z">
+    <MediaRegistry>
+      <HardDisks>
+        <HardDisk uuid="{df646f0c-79f5-44d0-80dd-a4adf770a768}" location="AeThexOS_V5.vdi" format="VDI" type="Normal"/>
+      </HardDisks>
+      <DVDImages>
+        <Image uuid="{a8fccaaf-38fc-4b21-bfb4-4fd7009afb9a}" location="C:/Users/PCOEM/AeThexOS/AeThex-OS-V5-Final.iso"/>
+      </DVDImages>
+    </MediaRegistry>
+    <ExtraData>
+      <ExtraDataItem name="GUI/LastNormalWindowPosition" value="640,249,800,654"/>
+    </ExtraData>
+    <Hardware>
+      <Memory RAMSize="4096"/>
+      <Boot>
+        <Order position="1" device="DVD"/>
+        <Order position="2" device="HardDisk"/>
+        <Order position="3" device="None"/>
+        <Order position="4" device="None"/>
+      </Boot>
+      <Display controller="VMSVGA" VRAMSize="128"/>
+      <Firmware/>
+      <BIOS>
+        <IOAPIC enabled="true"/>
+        <SmbiosUuidLittleEndian enabled="true"/>
+        <AutoSerialNumGen enabled="true"/>
+      </BIOS>
+      <Network>
+        <Adapter slot="0" enabled="true" MACAddress="0800274A28ED" type="82540EM">
+          <NAT localhost-reachable="true"/>
+        </Adapter>
+      </Network>
+      <AudioAdapter useDefault="true" driver="WAS" enabled="true"/>
+      <Clipboard/>
+      <GuestProperties>
+        <GuestProperty name="/VirtualBox/GuestAdd/GuiOnFocus" value="1" timestamp="1770357010041817500" flags="TRANSIENT, RDONLYGUEST"/>
+        <GuestProperty name="/VirtualBox/HostInfo/GUI/LanguageID" value="en_US" timestamp="1770357057154551500" flags="RDONLYGUEST"/>
+        <GuestProperty name="/VirtualBox/HostInfo/VBoxRev" value="170995" timestamp="1770357010002592302" flags="TRANSIENT, RDONLYGUEST"/>
+        <GuestProperty name="/VirtualBox/HostInfo/VBoxVer" value="7.2.4" timestamp="1770357010002592300" flags="TRANSIENT, RDONLYGUEST"/>
+        <GuestProperty name="/VirtualBox/HostInfo/VBoxVerExt" value="7.2.4" timestamp="1770357010002592301" flags="TRANSIENT, RDONLYGUEST"/>
+      </GuestProperties>
+      <StorageControllers>
+        <StorageController name="SATA Controller" type="AHCI" PortCount="30" useHostIOCache="false" Bootable="true" IDE0MasterEmulationPort="0" IDE0SlaveEmulationPort="1" IDE1MasterEmulationPort="2" IDE1SlaveEmulationPort="3">
+          <AttachedDevice type="HardDisk" hotpluggable="false" port="0" device="0">
+            <Image uuid="{df646f0c-79f5-44d0-80dd-a4adf770a768}"/>
+          </AttachedDevice>
+        </StorageController>
+        <StorageController name="IDE Controller" type="PIIX4" PortCount="2" useHostIOCache="true" Bootable="true">
+          <AttachedDevice passthrough="false" type="DVD" hotpluggable="false" port="0" device="0">
+            <Image uuid="{a8fccaaf-38fc-4b21-bfb4-4fd7009afb9a}"/>
+          </AttachedDevice>
+        </StorageController>
+      </StorageControllers>
+      <RTC localOrUTC="UTC"/>
+      <CPU count="2">
+        <HardwareVirtExLargePages enabled="true"/>
+        <PAE enabled="false"/>
+        <LongMode enabled="true"/>
+        <X2APIC enabled="true"/>
+      </CPU>
+    </Hardware>
+  </Machine>
+</VirtualBox>
diff --git a/AeThexOS_V5/AeThexOS_V5.vbox-prev b/AeThexOS_V5/AeThexOS_V5.vbox-prev
new file mode 100644
index 0000000..ecad5b7
--- /dev/null
+++ b/AeThexOS_V5/AeThexOS_V5.vbox-prev
@@ -0,0 +1,73 @@
+<?xml version="1.0"?>
+<!--
+** DO NOT EDIT THIS FILE.
+** If you make changes to this file while any VirtualBox related application
+** is running, your changes will be overwritten later, without taking effect.
+** Use VBoxManage or the VirtualBox Manager GUI to make changes.
+**
+** Written by VirtualBox 7.2.4 (r170995)
+-->
+<VirtualBox xmlns="http://www.virtualbox.org/" version="1.19-windows">
+  <Machine uuid="{8c1c17d5-577f-49b7-a0f9-a2a911c386b1}" name="AeThexOS_V5" OSType="Ubuntu_64" snapshotFolder="Snapshots" lastStateChange="2026-02-06T05:50:10Z">
+    <MediaRegistry>
+      <HardDisks>
+        <HardDisk uuid="{df646f0c-79f5-44d0-80dd-a4adf770a768}" location="AeThexOS_V5.vdi" format="VDI" type="Normal"/>
+      </HardDisks>
+      <DVDImages>
+        <Image uuid="{a8fccaaf-38fc-4b21-bfb4-4fd7009afb9a}" location="C:/Users/PCOEM/AeThexOS/AeThex-OS-V5-Final.iso"/>
+      </DVDImages>
+    </MediaRegistry>
+    <ExtraData>
+      <ExtraDataItem name="GUI/LastNormalWindowPosition" value="640,249,720,454"/>
+    </ExtraData>
+    <Hardware>
+      <Memory RAMSize="4096"/>
+      <Boot>
+        <Order position="1" device="DVD"/>
+        <Order position="2" device="HardDisk"/>
+        <Order position="3" device="None"/>
+        <Order position="4" device="None"/>
+      </Boot>
+      <Display controller="VMSVGA" VRAMSize="128"/>
+      <Firmware/>
+      <BIOS>
+        <IOAPIC enabled="true"/>
+        <SmbiosUuidLittleEndian enabled="true"/>
+        <AutoSerialNumGen enabled="true"/>
+      </BIOS>
+      <Network>
+        <Adapter slot="0" enabled="true" MACAddress="0800274A28ED" type="82540EM">
+          <NAT localhost-reachable="true"/>
+        </Adapter>
+      </Network>
+      <AudioAdapter useDefault="true" driver="WAS" enabled="true"/>
+      <Clipboard/>
+      <GuestProperties>
+        <GuestProperty name="/VirtualBox/GuestAdd/GuiOnFocus" value="1" timestamp="1770357010041817500" flags="TRANSIENT, RDONLYGUEST"/>
+        <GuestProperty name="/VirtualBox/HostInfo/GUI/LanguageID" value="en_US" timestamp="1770357017701345900" flags="RDONLYGUEST"/>
+        <GuestProperty name="/VirtualBox/HostInfo/VBoxRev" value="170995" timestamp="1770357010002592302" flags="TRANSIENT, RDONLYGUEST"/>
+        <GuestProperty name="/VirtualBox/HostInfo/VBoxVer" value="7.2.4" timestamp="1770357010002592300" flags="TRANSIENT, RDONLYGUEST"/>
+        <GuestProperty name="/VirtualBox/HostInfo/VBoxVerExt" value="7.2.4" timestamp="1770357010002592301" flags="TRANSIENT, RDONLYGUEST"/>
+      </GuestProperties>
+      <StorageControllers>
+        <StorageController name="SATA Controller" type="AHCI" PortCount="30" useHostIOCache="false" Bootable="true" IDE0MasterEmulationPort="0" IDE0SlaveEmulationPort="1" IDE1MasterEmulationPort="2" IDE1SlaveEmulationPort="3">
+          <AttachedDevice type="HardDisk" hotpluggable="false" port="0" device="0">
+            <Image uuid="{df646f0c-79f5-44d0-80dd-a4adf770a768}"/>
+          </AttachedDevice>
+        </StorageController>
+        <StorageController name="IDE Controller" type="PIIX4" PortCount="2" useHostIOCache="true" Bootable="true">
+          <AttachedDevice passthrough="false" type="DVD" hotpluggable="false" port="0" device="0">
+            <Image uuid="{a8fccaaf-38fc-4b21-bfb4-4fd7009afb9a}"/>
+          </AttachedDevice>
+        </StorageController>
+      </StorageControllers>
+      <RTC localOrUTC="UTC"/>
+      <CPU count="2">
+        <HardwareVirtExLargePages enabled="true"/>
+        <PAE enabled="false"/>
+        <LongMode enabled="true"/>
+        <X2APIC enabled="true"/>
+      </CPU>
+    </Hardware>
+  </Machine>
+</VirtualBox>
diff --git a/AeThexOS_V5/AeThexOS_V5.vdi b/AeThexOS_V5/AeThexOS_V5.vdi
new file mode 100644
index 0000000..1969f4e
Binary files /dev/null and b/AeThexOS_V5/AeThexOS_V5.vdi differ
diff --git a/AeThexOS_V5/Logs/VBox.log b/AeThexOS_V5/Logs/VBox.log
new file mode 100644
index 0000000..711b199
--- /dev/null
+++ b/AeThexOS_V5/Logs/VBox.log
@@ -0,0 +1,1803 @@
+00:00:04.807114 VirtualBox VM 7.2.4 r170995 win.amd64 (Oct 17 2025 12:31:09) release log
+00:00:04.807116 Log opened 2026-02-06T05:50:08.662544300Z
+00:00:04.807117 Build Type: release
+00:00:04.807118 OS Product: Windows 11
+00:00:04.807375 OS Release: 10.0.26200.7705
+00:00:04.807381 OS Service Pack: 
+00:00:04.890348 DMI Product Name: GF63 Thin 10SC
+00:00:04.895913 DMI Product Version: REV:1.0
+00:00:04.895919 Firmware type: UEFI
+00:00:04.896235 Secure Boot: Enabled
+00:00:04.896240 Host RAM: 32589MB (31.8GB) total, 7184MB (7.0GB) available
+00:00:04.896242 Executable: C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+00:00:04.896243 Process ID: 53936
+00:00:04.896243 Package type: WINDOWS_64BITS_GENERIC
+00:00:04.896243 Windows Features:
+00:00:04.896244   Core Isolation (Memory Integrity): ENABLED
+00:00:04.897043 Installed Extension Packs:
+00:00:04.897055   None installed!
+00:00:04.897597 Console: Machine state changed to 'Starting'
+00:00:04.897750 GUI: Qt version: 6.8.0
+00:00:04.897761 GUI: HID LEDs sync is enabled
+00:00:04.902809 GUI: UIMediumEnumerator: Medium-enumeration finished!
+00:00:05.021131 GUI: Cannot notify guest about VM window out-of-focus event
+00:00:05.033924 SUP: seg #0: R   0x00000000 LB 0x00001000
+00:00:05.033944 SUP: seg #1: R X 0x00001000 LB 0x001fd000
+00:00:05.033951 SUP: seg #2: R   0x001fe000 LB 0x00054000
+00:00:05.033957 SUP: seg #3: RW  0x00252000 LB 0x00013000
+00:00:05.033962 SUP: seg #4: R   0x00265000 LB 0x00014000
+00:00:05.033967 SUP: seg #5: RW  0x00279000 LB 0x00004000
+00:00:05.033972 SUP: seg #6: R   0x0027d000 LB 0x00008000
+00:00:05.033977 SUP: seg #7: R X 0x00285000 LB 0x00002000
+00:00:05.033982 SUP: seg #8: R   0x00287000 LB 0x00007000
+00:00:05.037813 SUP: Loaded VMMR0.r0 (C:\Program Files\Oracle\VirtualBox/VMMR0.r0) at 0xXXXXXXXXXXXXXXXX - ModuleInit at XXXXXXXXXXXXXXXX and ModuleTerm at XXXXXXXXXXXXXXXX using the native ring-0 loader
+00:00:05.037844 SUP: VMMR0EntryEx located at XXXXXXXXXXXXXXXX and VMMR0EntryFast at XXXXXXXXXXXXXXXX
+00:00:05.037851 SUP: windbg> .reload /f C:\Program Files\Oracle\VirtualBox/VMMR0.r0=0xXXXXXXXXXXXXXXXX
+00:00:05.041971 Guest architecture: x86
+00:00:05.042030 Guest OS type: 'Ubuntu_64'
+00:00:05.042600 fHMForced=true - No raw-mode support in this build!
+00:00:05.042614 Using execution engine 1
+00:00:05.047334 File system of 'C:\Users\PCOEM\AeThexOS\AeThexOS_V5\AeThexOS_V5.vdi' is ntfs
+00:00:05.048365 File system of 'C:\Users\PCOEM\AeThexOS\AeThex-OS-V5-Final.iso' (DVD) is ntfs
+00:00:05.052221 GUI: UIMediumEnumerator: Medium-enumeration finished!
+00:00:05.067952 Shared Clipboard: Initialized OLE
+00:00:05.068039 Shared Clipboard: Service loaded
+00:00:05.068053 Shared Clipboard: Mode: Off
+00:00:05.068219 Shared Clipboard: Service running in normal mode
+00:00:05.080863 Drag and drop service loaded
+00:00:05.080879 Drag and drop mode: Off
+00:00:05.082003 Audio: Detected default audio driver type is 'HostAudioWas'
+00:00:05.086618 ************************* CFGM dump *************************
+00:00:05.086640 [/] (level 0)
+00:00:05.086642   CpuExecutionCap   <integer> = 0x0000000000000064 (100)
+00:00:05.086644   EnablePAE         <integer> = 0x0000000000000001 (1)
+00:00:05.086646   HMEnabled         <integer> = 0x0000000000000001 (1)
+00:00:05.086646   MemBalloonSize    <integer> = 0x0000000000000000 (0, 0 B)
+00:00:05.086648   Name              <string>  = "AeThexOS_V5" (cb=12)
+00:00:05.086649   NumCPUs           <integer> = 0x0000000000000002 (2)
+00:00:05.086650   PageFusionAllowed <integer> = 0x0000000000000000 (0)
+00:00:05.086651   RamHoleSize       <integer> = 0x0000000020000000 (536 870 912, 512.0 MiB)
+00:00:05.086653   RamSize           <integer> = 0x0000000100000000 (4 294 967 296, 4.0 GiB)
+00:00:05.086654   TimerMillies      <integer> = 0x000000000000000a (10)
+00:00:05.086655   UUID              <bytes>   = "d5 17 1c 8c 7f 57 b7 49 a0 f9 a2 a9 11 c3 86 b1" (cb=16)
+00:00:05.086658 
+00:00:05.086658 [/CPUM/] (level 1)
+00:00:05.086659   Enable64bit        <integer> = 0x0000000000000001 (1)
+00:00:05.086660   GuestCpuName       <string>  = "host" (cb=5)
+00:00:05.086661   NestedHWVirt       <integer> = 0x0000000000000000 (0)
+00:00:05.086662   PortableCpuIdLevel <integer> = 0x0000000000000000 (0)
+00:00:05.086662   SpecCtrl           <integer> = 0x0000000000000000 (0)
+00:00:05.086663 
+00:00:05.086663 [/CPUM/IsaExts/] (level 2)
+00:00:05.086664 
+00:00:05.086665 [/DBGC/] (level 1)
+00:00:05.086666   GlobalInitScript <string>  = "C:\Users\PCOEM\.VirtualBox/dbgc-init" (cb=37)
+00:00:05.086667   HistoryFile      <string>  = "C:\Users\PCOEM\.VirtualBox/dbgc-history" (cb=40)
+00:00:05.086667   LocalInitScript  <string>  = "C:\Users\PCOEM\AeThexOS\AeThexOS_V5/dbgc-init" (cb=46)
+00:00:05.086668 
+00:00:05.086668 [/DBGF/] (level 1)
+00:00:05.086669   Path <string>  = "C:\Users\PCOEM\AeThexOS\AeThexOS_V5/debug/;C:\Users\PCOEM\AeThexOS\AeThexOS_V5/;cache*C:\Users\PCOEM\AeThexOS\AeThexOS_V5/dbgcache/;C:\Users\PCOEM\" (cb=148)
+00:00:05.086670 
+00:00:05.086670 [/Devices/] (level 1)
+00:00:05.086671 
+00:00:05.086672 [/Devices/3c501/] (level 2)
+00:00:05.086673 
+00:00:05.086673 [/Devices/8237A/] (level 2)
+00:00:05.086674 
+00:00:05.086674 [/Devices/8237A/0/] (level 3)
+00:00:05.086675   Trusted <integer> = 0x0000000000000001 (1)
+00:00:05.086676 
+00:00:05.086676 [/Devices/GIMDev/] (level 2)
+00:00:05.086677 
+00:00:05.086678 [/Devices/GIMDev/0/] (level 3)
+00:00:05.086679   Trusted <integer> = 0x0000000000000001 (1)
+00:00:05.086679 
+00:00:05.086680 [/Devices/VMMDev/] (level 2)
+00:00:05.086680 
+00:00:05.086681 [/Devices/VMMDev/0/] (level 3)
+00:00:05.086682   PCIBusNo      <integer> = 0x0000000000000000 (0)
+00:00:05.086683   PCIDeviceNo   <integer> = 0x0000000000000004 (4)
+00:00:05.086683   PCIFunctionNo <integer> = 0x0000000000000000 (0)
+00:00:05.086684   Trusted       <integer> = 0x0000000000000001 (1)
+00:00:05.086685 
+00:00:05.086685 [/Devices/VMMDev/0/Config/] (level 4)
+00:00:05.086686   GuestCoreDumpDir <string>  = "C:\Users\PCOEM\AeThexOS\AeThexOS_V5\Snapshots" (cb=46)
+00:00:05.086687 
+00:00:05.086687 [/Devices/VMMDev/0/LUN#0/] (level 4)
+00:00:05.086688   Driver <string>  = "HGCM" (cb=5)
+00:00:05.086689 
+00:00:05.086689 [/Devices/VMMDev/0/LUN#0/Config/] (level 5)
+00:00:05.086691 
+00:00:05.086691 [/Devices/VMMDev/0/LUN#999/] (level 4)
+00:00:05.086692   Driver <string>  = "MainStatus" (cb=11)
+00:00:05.086693 
+00:00:05.086693 [/Devices/VMMDev/0/LUN#999/Config/] (level 5)
+00:00:05.086694   First                <integer> = 0x0000000000000000 (0)
+00:00:05.086695   HasMediumAttachments <integer> = 0x0000000000000000 (0)
+00:00:05.086696   Last                 <integer> = 0x0000000000000000 (0)
+00:00:05.086696   iLedSet              <integer> = 0x0000000000000004 (4)
+00:00:05.086697 
+00:00:05.086698 [/Devices/acpi/] (level 2)
+00:00:05.086699 
+00:00:05.086699 [/Devices/acpi/0/] (level 3)
+00:00:05.086700   PCIBusNo      <integer> = 0x0000000000000000 (0)
+00:00:05.086701   PCIDeviceNo   <integer> = 0x0000000000000007 (7)
+00:00:05.086702   PCIFunctionNo <integer> = 0x0000000000000000 (0)
+00:00:05.086702   Trusted       <integer> = 0x0000000000000001 (1)
+00:00:05.086703 
+00:00:05.086703 [/Devices/acpi/0/Config/] (level 4)
+00:00:05.086705   CpuHotPlug          <integer> = 0x0000000000000000 (0)
+00:00:05.086709   FdcEnabled          <integer> = 0x0000000000000000 (0)
+00:00:05.086710   HostBusPciAddress   <integer> = 0x0000000000000000 (0)
+00:00:05.086711   HpetEnabled         <integer> = 0x0000000000000000 (0)
+00:00:05.086712   IOAPIC              <integer> = 0x0000000000000001 (1)
+00:00:05.086712   IocPciAddress       <integer> = 0x0000000000010000 (65 536)
+00:00:05.086713   NumCPUs             <integer> = 0x0000000000000002 (2)
+00:00:05.086714   Parallel0IoPortBase <integer> = 0x0000000000000000 (0)
+00:00:05.086715   Parallel0Irq        <integer> = 0x0000000000000000 (0)
+00:00:05.086716   Parallel1IoPortBase <integer> = 0x0000000000000000 (0)
+00:00:05.086716   Parallel1Irq        <integer> = 0x0000000000000000 (0)
+00:00:05.086717   Serial0IoPortBase   <integer> = 0x0000000000000000 (0)
+00:00:05.086718   Serial0Irq          <integer> = 0x0000000000000000 (0)
+00:00:05.086719   Serial1IoPortBase   <integer> = 0x0000000000000000 (0)
+00:00:05.086719   Serial1Irq          <integer> = 0x0000000000000000 (0)
+00:00:05.086720   ShowCpu             <integer> = 0x0000000000000001 (1)
+00:00:05.086721   ShowRtc             <integer> = 0x0000000000000000 (0)
+00:00:05.086721   SmcEnabled          <integer> = 0x0000000000000000 (0)
+00:00:05.086722 
+00:00:05.086733 [/Devices/acpi/0/LUN#0/] (level 4)
+00:00:05.086735   Driver <string>  = "ACPIHost" (cb=9)
+00:00:05.086736 
+00:00:05.086736 [/Devices/acpi/0/LUN#0/Config/] (level 5)
+00:00:05.086737 
+00:00:05.086738 [/Devices/acpi/0/LUN#1/] (level 4)
+00:00:05.086739   Driver <string>  = "ACPICpu" (cb=8)
+00:00:05.086740 
+00:00:05.086740 [/Devices/acpi/0/LUN#1/Config/] (level 5)
+00:00:05.086741 
+00:00:05.086741 [/Devices/ahci/] (level 2)
+00:00:05.086742 
+00:00:05.086742 [/Devices/ahci/0/] (level 3)
+00:00:05.086744   PCIBusNo      <integer> = 0x0000000000000000 (0)
+00:00:05.086744   PCIDeviceNo   <integer> = 0x000000000000000d (13)
+00:00:05.086745   PCIFunctionNo <integer> = 0x0000000000000000 (0)
+00:00:05.086746   Trusted       <integer> = 0x0000000000000001 (1)
+00:00:05.086746 
+00:00:05.086747 [/Devices/ahci/0/Config/] (level 4)
+00:00:05.086748   Bootable  <integer> = 0x0000000000000001 (1)
+00:00:05.086748   PortCount <integer> = 0x000000000000001e (30)
+00:00:05.086749 
+00:00:05.086749 [/Devices/ahci/0/Config/Port0/] (level 5)
+00:00:05.086751   Hotpluggable <integer> = 0x0000000000000000 (0)
+00:00:05.086751 
+00:00:05.086752 [/Devices/ahci/0/LUN#0/] (level 4)
+00:00:05.086753   Driver <string>  = "VD" (cb=3)
+00:00:05.086753 
+00:00:05.086754 [/Devices/ahci/0/LUN#0/Config/] (level 5)
+00:00:05.086755   BlockCache <integer> = 0x0000000000000001 (1)
+00:00:05.086756   Format     <string>  = "VDI" (cb=4)
+00:00:05.086757   Mountable  <integer> = 0x0000000000000000 (0)
+00:00:05.086757   Path       <string>  = "C:\Users\PCOEM\AeThexOS\AeThexOS_V5\AeThexOS_V5.vdi" (cb=52)
+00:00:05.086758   Type       <string>  = "HardDisk" (cb=9)
+00:00:05.086759   UseNewIo   <integer> = 0x0000000000000001 (1)
+00:00:05.086760 
+00:00:05.086760 [/Devices/ahci/0/LUN#0/Config/VDConfig/] (level 6)
+00:00:05.086761   AllocationBlockSize <string>  = "1048576" (cb=8)
+00:00:05.086762 
+00:00:05.086762 [/Devices/ahci/0/LUN#999/] (level 4)
+00:00:05.086763   Driver <string>  = "MainStatus" (cb=11)
+00:00:05.086764 
+00:00:05.086764 [/Devices/ahci/0/LUN#999/Config/] (level 5)
+00:00:05.086765   DeviceInstance       <string>  = "ahci/0" (cb=7)
+00:00:05.086766   First                <integer> = 0x0000000000000000 (0)
+00:00:05.086767   HasMediumAttachments <integer> = 0x0000000000000001 (1)
+00:00:05.086768   Last                 <integer> = 0x000000000000001d (29)
+00:00:05.086769   iLedSet              <integer> = 0x0000000000000001 (1)
+00:00:05.086769 
+00:00:05.086770 [/Devices/apic/] (level 2)
+00:00:05.086771 
+00:00:05.086771 [/Devices/apic/0/] (level 3)
+00:00:05.086772   Trusted <integer> = 0x0000000000000001 (1)
+00:00:05.086773 
+00:00:05.086773 [/Devices/apic/0/Config/] (level 4)
+00:00:05.086774   IOAPIC  <integer> = 0x0000000000000001 (1)
+00:00:05.086777   Mode    <integer> = 0x0000000000000003 (3)
+00:00:05.086778   NumCPUs <integer> = 0x0000000000000002 (2)
+00:00:05.086778 
+00:00:05.086779 [/Devices/dp8390/] (level 2)
+00:00:05.086780 
+00:00:05.086780 [/Devices/e1000/] (level 2)
+00:00:05.086781 
+00:00:05.086781 [/Devices/e1000/0/] (level 3)
+00:00:05.086782   PCIBusNo      <integer> = 0x0000000000000000 (0)
+00:00:05.086783   PCIDeviceNo   <integer> = 0x0000000000000003 (3)
+00:00:05.086783   PCIFunctionNo <integer> = 0x0000000000000000 (0)
+00:00:05.086784   Trusted       <integer> = 0x0000000000000001 (1)
+00:00:05.086785 
+00:00:05.086785 [/Devices/e1000/0/Config/] (level 4)
+00:00:05.086786   AdapterType    <integer> = 0x0000000000000000 (0)
+00:00:05.086787   CableConnected <integer> = 0x0000000000000001 (1)
+00:00:05.086788   LineSpeed      <integer> = 0x0000000000000000 (0)
+00:00:05.086788   MAC            <bytes>   = "08 00 27 4a 28 ed" (cb=6)
+00:00:05.086790 
+00:00:05.086790 [/Devices/e1000/0/LUN#0/] (level 4)
+00:00:05.086791   Driver <string>  = "NAT" (cb=4)
+00:00:05.086792 
+00:00:05.086792 [/Devices/e1000/0/LUN#0/Config/] (level 5)
+00:00:05.086794   AliasMode          <integer> = 0x0000000000000000 (0)
+00:00:05.086795   DNSProxy           <integer> = 0x0000000000000000 (0)
+00:00:05.086795   EnableTFTP         <integer> = 0x0000000000000000 (0)
+00:00:05.086796   ForwardBroadcast   <integer> = 0x0000000000000000 (0)
+00:00:05.086797   LocalhostReachable <integer> = 0x0000000000000001 (1)
+00:00:05.086797   Network            <string>  = "10.0.2.0/24" (cb=12)
+00:00:05.086798   PassDomain         <integer> = 0x0000000000000001 (1)
+00:00:05.086799   UseHostResolver    <integer> = 0x0000000000000000 (0)
+00:00:05.086800 
+00:00:05.086800 [/Devices/e1000/0/LUN#999/] (level 4)
+00:00:05.086801   Driver <string>  = "MainStatus" (cb=11)
+00:00:05.086802 
+00:00:05.086802 [/Devices/e1000/0/LUN#999/Config/] (level 5)
+00:00:05.086803   First                <integer> = 0x0000000000000000 (0)
+00:00:05.086804   HasMediumAttachments <integer> = 0x0000000000000000 (0)
+00:00:05.086805   Last                 <integer> = 0x0000000000000000 (0)
+00:00:05.086805   iLedSet              <integer> = 0x0000000000000003 (3)
+00:00:05.086806 
+00:00:05.086806 [/Devices/i8254/] (level 2)
+00:00:05.086807 
+00:00:05.086808 [/Devices/i8254/0/] (level 3)
+00:00:05.086808 
+00:00:05.086809 [/Devices/i8254/0/Config/] (level 4)
+00:00:05.086810 
+00:00:05.086810 [/Devices/i8259/] (level 2)
+00:00:05.086811 
+00:00:05.086811 [/Devices/i8259/0/] (level 3)
+00:00:05.086812   Trusted <integer> = 0x0000000000000001 (1)
+00:00:05.086812 
+00:00:05.086813 [/Devices/i8259/0/Config/] (level 4)
+00:00:05.086814 
+00:00:05.086814 [/Devices/ichac97/] (level 2)
+00:00:05.086815 
+00:00:05.086815 [/Devices/ichac97/0/] (level 3)
+00:00:05.086816   PCIBusNo      <integer> = 0x0000000000000000 (0)
+00:00:05.086817   PCIDeviceNo   <integer> = 0x0000000000000005 (5)
+00:00:05.086818   PCIFunctionNo <integer> = 0x0000000000000000 (0)
+00:00:05.086818   Trusted       <integer> = 0x0000000000000001 (1)
+00:00:05.086819 
+00:00:05.086819 [/Devices/ichac97/0/AudioConfig/] (level 4)
+00:00:05.086821 
+00:00:05.086821 [/Devices/ichac97/0/Config/] (level 4)
+00:00:05.086822   Codec        <string>  = "STAC9700" (cb=9)
+00:00:05.086823   DebugEnabled <integer> = 0x0000000000000000 (0)
+00:00:05.086824 
+00:00:05.086824 [/Devices/ichac97/0/LUN#0/] (level 4)
+00:00:05.086825   Driver <string>  = "AUDIO" (cb=6)
+00:00:05.086826 
+00:00:05.086826 [/Devices/ichac97/0/LUN#0/AttachedDriver/] (level 5)
+00:00:05.086828   Driver <string>  = "HostAudioWas" (cb=13)
+00:00:05.086828 
+00:00:05.086829 [/Devices/ichac97/0/LUN#0/AttachedDriver/Config/] (level 6)
+00:00:05.086830   VmName <string>  = "AeThexOS_V5" (cb=12)
+00:00:05.086831   VmUuid <string>  = "8c1c17d5-577f-49b7-a0f9-a2a911c386b1" (cb=37)
+00:00:05.086832 
+00:00:05.086832 [/Devices/ichac97/0/LUN#0/Config/] (level 5)
+00:00:05.086833   DriverName    <string>  = "HostAudioWas" (cb=13)
+00:00:05.086834   InputEnabled  <integer> = 0x0000000000000000 (0)
+00:00:05.086836   OutputEnabled <integer> = 0x0000000000000000 (0)
+00:00:05.086836 
+00:00:05.086837 [/Devices/ichac97/0/LUN#1/] (level 4)
+00:00:05.086838   Driver <string>  = "AUDIO" (cb=6)
+00:00:05.086838 
+00:00:05.086839 [/Devices/ichac97/0/LUN#2/] (level 4)
+00:00:05.086840   Driver <string>  = "AUDIO" (cb=6)
+00:00:05.086840 
+00:00:05.086840 [/Devices/ioapic/] (level 2)
+00:00:05.086841 
+00:00:05.086842 [/Devices/ioapic/0/] (level 3)
+00:00:05.086843   Trusted <integer> = 0x0000000000000001 (1)
+00:00:05.086843 
+00:00:05.086844 [/Devices/ioapic/0/Config/] (level 4)
+00:00:05.086845   NumCPUs <integer> = 0x0000000000000002 (2)
+00:00:05.086846 
+00:00:05.086846 [/Devices/mc146818/] (level 2)
+00:00:05.086847 
+00:00:05.086847 [/Devices/mc146818/0/] (level 3)
+00:00:05.086848 
+00:00:05.086848 [/Devices/mc146818/0/Config/] (level 4)
+00:00:05.086849   UseUTC <integer> = 0x0000000000000001 (1)
+00:00:05.086850 
+00:00:05.086850 [/Devices/parallel/] (level 2)
+00:00:05.086851 
+00:00:05.086852 [/Devices/pcarch/] (level 2)
+00:00:05.086853 
+00:00:05.086853 [/Devices/pcarch/0/] (level 3)
+00:00:05.086854   Trusted <integer> = 0x0000000000000001 (1)
+00:00:05.086855 
+00:00:05.086855 [/Devices/pcarch/0/Config/] (level 4)
+00:00:05.086856 
+00:00:05.086856 [/Devices/pcbios/] (level 2)
+00:00:05.086857 
+00:00:05.086857 [/Devices/pcbios/0/] (level 3)
+00:00:05.086858   Trusted <integer> = 0x0000000000000001 (1)
+00:00:05.086859 
+00:00:05.086859 [/Devices/pcbios/0/Config/] (level 4)
+00:00:05.086860   APIC               <integer> = 0x0000000000000001 (1)
+00:00:05.086861   BootDevice0        <string>  = "DVD" (cb=4)
+00:00:05.086862   BootDevice1        <string>  = "IDE" (cb=4)
+00:00:05.086863   BootDevice2        <string>  = "NONE" (cb=5)
+00:00:05.086863   BootDevice3        <string>  = "NONE" (cb=5)
+00:00:05.086864   DmiSystemSerial    <string>  = "VirtualBox-<DmiSystemUuid>" (cb=27)
+00:00:05.086865   FloppyDevice       <string>  = "i82078" (cb=7)
+00:00:05.086865   HardDiskDevice     <string>  = "piix3ide" (cb=9)
+00:00:05.086866   IOAPIC             <integer> = 0x0000000000000001 (1)
+00:00:05.086867   McfgBase           <integer> = 0x0000000000000000 (0)
+00:00:05.086868   McfgLength         <integer> = 0x0000000000000000 (0)
+00:00:05.086868   NumCPUs            <integer> = 0x0000000000000002 (2)
+00:00:05.086869   PXEDebug           <integer> = 0x0000000000000000 (0)
+00:00:05.086870   SataHardDiskDevice <string>  = "ahci" (cb=5)
+00:00:05.086871   SataLUN1           <integer> = 0x0000000000000000 (0)
+00:00:05.086871   UUID               <bytes>   = "d5 17 1c 8c 7f 57 b7 49 a0 f9 a2 a9 11 c3 86 b1" (cb=16)
+00:00:05.086874   UuidLe             <integer> = 0x0000000000000001 (1)
+00:00:05.086874 
+00:00:05.086875 [/Devices/pcbios/0/Config/NetBoot/] (level 5)
+00:00:05.086876 
+00:00:05.086876 [/Devices/pcbios/0/Config/NetBoot/0/] (level 6)
+00:00:05.086878   NIC           <integer> = 0x0000000000000000 (0)
+00:00:05.086879   PCIBusNo      <integer> = 0x0000000000000000 (0)
+00:00:05.086879   PCIDeviceNo   <integer> = 0x0000000000000003 (3)
+00:00:05.086880   PCIFunctionNo <integer> = 0x0000000000000000 (0)
+00:00:05.086881 
+00:00:05.086881 [/Devices/pci/] (level 2)
+00:00:05.086882 
+00:00:05.086882 [/Devices/pci/0/] (level 3)
+00:00:05.086883   Trusted <integer> = 0x0000000000000001 (1)
+00:00:05.086884 
+00:00:05.086884 [/Devices/pci/0/Config/] (level 4)
+00:00:05.086885   IOAPIC <integer> = 0x0000000000000001 (1)
+00:00:05.086886 
+00:00:05.086886 [/Devices/pcibridge/] (level 2)
+00:00:05.086887 
+00:00:05.086887 [/Devices/pckbd/] (level 2)
+00:00:05.086888 
+00:00:05.086888 [/Devices/pckbd/0/] (level 3)
+00:00:05.086889   Trusted <integer> = 0x0000000000000001 (1)
+00:00:05.086890 
+00:00:05.086890 [/Devices/pckbd/0/Config/] (level 4)
+00:00:05.086891 
+00:00:05.086891 [/Devices/pckbd/0/LUN#0/] (level 4)
+00:00:05.086892   Driver <string>  = "KeyboardQueue" (cb=14)
+00:00:05.086893 
+00:00:05.086893 [/Devices/pckbd/0/LUN#0/AttachedDriver/] (level 5)
+00:00:05.086895   Driver <string>  = "MainKeyboard" (cb=13)
+00:00:05.086897 
+00:00:05.086897 [/Devices/pckbd/0/LUN#0/Config/] (level 5)
+00:00:05.086898   QueueSize <integer> = 0x0000000000000040 (64, 64 B)
+00:00:05.086899 
+00:00:05.086900 [/Devices/pckbd/0/LUN#1/] (level 4)
+00:00:05.086901   Driver <string>  = "MouseQueue" (cb=11)
+00:00:05.086901 
+00:00:05.086901 [/Devices/pckbd/0/LUN#1/AttachedDriver/] (level 5)
+00:00:05.086903   Driver <string>  = "MainMouse" (cb=10)
+00:00:05.086903 
+00:00:05.086904 [/Devices/pckbd/0/LUN#1/Config/] (level 5)
+00:00:05.086905   QueueSize <integer> = 0x0000000000000080 (128, 128 B)
+00:00:05.086906 
+00:00:05.086906 [/Devices/pcnet/] (level 2)
+00:00:05.086907 
+00:00:05.086907 [/Devices/piix3ide/] (level 2)
+00:00:05.086908 
+00:00:05.086908 [/Devices/piix3ide/0/] (level 3)
+00:00:05.086909   PCIBusNo      <integer> = 0x0000000000000000 (0)
+00:00:05.086910   PCIDeviceNo   <integer> = 0x0000000000000001 (1)
+00:00:05.086911   PCIFunctionNo <integer> = 0x0000000000000001 (1)
+00:00:05.086911   Trusted       <integer> = 0x0000000000000001 (1)
+00:00:05.086912 
+00:00:05.086912 [/Devices/piix3ide/0/Config/] (level 4)
+00:00:05.086913   Type <string>  = "PIIX4" (cb=6)
+00:00:05.086914 
+00:00:05.086914 [/Devices/piix3ide/0/LUN#0/] (level 4)
+00:00:05.086915   Driver <string>  = "VD" (cb=3)
+00:00:05.086916 
+00:00:05.086916 [/Devices/piix3ide/0/LUN#0/Config/] (level 5)
+00:00:05.086917   Format    <string>  = "RAW" (cb=4)
+00:00:05.086918   Mountable <integer> = 0x0000000000000001 (1)
+00:00:05.086918   Path      <string>  = "C:\Users\PCOEM\AeThexOS\AeThex-OS-V5-Final.iso" (cb=47)
+00:00:05.086919   ReadOnly  <integer> = 0x0000000000000001 (1)
+00:00:05.086920   Type      <string>  = "DVD" (cb=4)
+00:00:05.086920 
+00:00:05.086921 [/Devices/piix3ide/0/LUN#999/] (level 4)
+00:00:05.086922   Driver <string>  = "MainStatus" (cb=11)
+00:00:05.086922 
+00:00:05.086922 [/Devices/piix3ide/0/LUN#999/Config/] (level 5)
+00:00:05.086924   DeviceInstance       <string>  = "piix3ide/0" (cb=11)
+00:00:05.086924   First                <integer> = 0x0000000000000000 (0)
+00:00:05.086925   HasMediumAttachments <integer> = 0x0000000000000001 (1)
+00:00:05.086926   Last                 <integer> = 0x0000000000000003 (3)
+00:00:05.086927   iLedSet              <integer> = 0x0000000000000002 (2)
+00:00:05.086927 
+00:00:05.086928 [/Devices/serial/] (level 2)
+00:00:05.086929 
+00:00:05.086929 [/Devices/vga/] (level 2)
+00:00:05.086930 
+00:00:05.086930 [/Devices/vga/0/] (level 3)
+00:00:05.086931   PCIBusNo      <integer> = 0x0000000000000000 (0)
+00:00:05.086932   PCIDeviceNo   <integer> = 0x0000000000000002 (2)
+00:00:05.086933   PCIFunctionNo <integer> = 0x0000000000000000 (0)
+00:00:05.086933   Trusted       <integer> = 0x0000000000000001 (1)
+00:00:05.086934 
+00:00:05.086934 [/Devices/vga/0/Config/] (level 4)
+00:00:05.086936   3DEnabled             <integer> = 0x0000000000000000 (0)
+00:00:05.086936   CustomVideoModes      <integer> = 0x0000000000000000 (0)
+00:00:05.086937   FadeIn                <integer> = 0x0000000000000001 (1)
+00:00:05.086938   FadeOut               <integer> = 0x0000000000000001 (1)
+00:00:05.086939   HeightReduction       <integer> = 0x0000000000000000 (0)
+00:00:05.086940   LogoFile              <string>  = "" (cb=1)
+00:00:05.086940   LogoTime              <integer> = 0x0000000000000000 (0)
+00:00:05.086941   MonitorCount          <integer> = 0x0000000000000001 (1)
+00:00:05.086942   ShowBootMenu          <integer> = 0x0000000000000002 (2)
+00:00:05.086942   VMSVGA3dEnabled       <integer> = 0x0000000000000000 (0)
+00:00:05.086943   VMSVGAEnabled         <integer> = 0x0000000000000001 (1)
+00:00:05.086944   VMSVGAPciBarLayout    <integer> = 0x0000000000000001 (1)
+00:00:05.086945   VMSVGAPciId           <integer> = 0x0000000000000001 (1)
+00:00:05.086945   VRamSize              <integer> = 0x0000000008000000 (134 217 728, 128.0 MiB)
+00:00:05.086947   VmSvga3               <integer> = 0x0000000000000000 (0)
+00:00:05.086948   VmSvgaExposeLegacyVga <integer> = 0x0000000000000001 (1)
+00:00:05.086950 
+00:00:05.086951 [/Devices/vga/0/LUN#0/] (level 4)
+00:00:05.086952   Driver <string>  = "MainDisplay" (cb=12)
+00:00:05.086952 
+00:00:05.086953 [/Devices/vga/0/LUN#0/Config/] (level 5)
+00:00:05.086954 
+00:00:05.086954 [/Devices/vga/0/LUN#999/] (level 4)
+00:00:05.086955   Driver <string>  = "MainStatus" (cb=11)
+00:00:05.086956 
+00:00:05.086956 [/Devices/vga/0/LUN#999/Config/] (level 5)
+00:00:05.086957   First                <integer> = 0x0000000000000000 (0)
+00:00:05.086958   HasMediumAttachments <integer> = 0x0000000000000000 (0)
+00:00:05.086958   Last                 <integer> = 0x0000000000000000 (0)
+00:00:05.086959   iLedSet              <integer> = 0x0000000000000000 (0)
+00:00:05.086960 
+00:00:05.086960 [/Devices/virtio-net/] (level 2)
+00:00:05.086961 
+00:00:05.086961 [/EM/] (level 1)
+00:00:05.086962   TripleFaultReset <integer> = 0x0000000000000000 (0)
+00:00:05.086963 
+00:00:05.086963 [/GCM/] (level 1)
+00:00:05.086964   MesaVmsvgaDrv <integer> = 0x0000000000000001 (1)
+00:00:05.086965 
+00:00:05.086965 [/GIM/] (level 1)
+00:00:05.086966   Provider <string>  = "KVM" (cb=4)
+00:00:05.086966 
+00:00:05.086966 [/HM/] (level 1)
+00:00:05.086968   64bitEnabled            <integer> = 0x0000000000000001 (1)
+00:00:05.086969   EnableLargePages        <integer> = 0x0000000000000001 (1)
+00:00:05.086969   EnableNestedPaging      <integer> = 0x0000000000000001 (1)
+00:00:05.086970   EnableUX                <integer> = 0x0000000000000001 (1)
+00:00:05.086971   EnableVPID              <integer> = 0x0000000000000001 (1)
+00:00:05.086972   Exclusive               <integer> = 0x00000000000000ff (255)
+00:00:05.086973   HMForced                <integer> = 0x0000000000000001 (1)
+00:00:05.086974   IBPBOnVMEntry           <integer> = 0x0000000000000000 (0)
+00:00:05.086975   IBPBOnVMExit            <integer> = 0x0000000000000000 (0)
+00:00:05.086975   L1DFlushOnSched         <integer> = 0x0000000000000001 (1)
+00:00:05.086976   L1DFlushOnVMEntry       <integer> = 0x0000000000000000 (0)
+00:00:05.086977   LovelyMesaDrvWorkaround <integer> = 0x0000000000000001 (1)
+00:00:05.086977   MDSClearOnSched         <integer> = 0x0000000000000001 (1)
+00:00:05.086978   MDSClearOnVMEntry       <integer> = 0x0000000000000000 (0)
+00:00:05.086979   SpecCtrlByHost          <integer> = 0x0000000000000000 (0)
+00:00:05.086980   SvmVirtVmsaveVmload     <integer> = 0x0000000000000000 (0)
+00:00:05.086980   UseNEMInstead           <integer> = 0x0000000000000000 (0)
+00:00:05.086981 
+00:00:05.086981 [/MM/] (level 1)
+00:00:05.086982   CanUseLargerHeap <integer> = 0x0000000000000000 (0)
+00:00:05.086983 
+00:00:05.086983 [/NEM/] (level 1)
+00:00:05.086984   Allow64BitGuests        <integer> = 0x0000000000000001 (1)
+00:00:05.086984   IBPBOnVMEntry           <integer> = 0x0000000000000000 (0)
+00:00:05.086985   IBPBOnVMExit            <integer> = 0x0000000000000000 (0)
+00:00:05.086986   L1DFlushOnSched         <integer> = 0x0000000000000001 (1)
+00:00:05.086987   L1DFlushOnVMEntry       <integer> = 0x0000000000000000 (0)
+00:00:05.086987   LovelyMesaDrvWorkaround <integer> = 0x0000000000000001 (1)
+00:00:05.086988   MDSClearOnSched         <integer> = 0x0000000000000001 (1)
+00:00:05.086989   MDSClearOnVMEntry       <integer> = 0x0000000000000000 (0)
+00:00:05.086989 
+00:00:05.086990 [/PDM/] (level 1)
+00:00:05.086990 
+00:00:05.086991 [/PDM/AsyncCompletion/] (level 2)
+00:00:05.086992 
+00:00:05.086992 [/PDM/AsyncCompletion/File/] (level 3)
+00:00:05.086993 
+00:00:05.086993 [/PDM/AsyncCompletion/File/BwGroups/] (level 4)
+00:00:05.086994 
+00:00:05.086994 [/PDM/BlkCache/] (level 2)
+00:00:05.086995   CacheSize <integer> = 0x0000000000500000 (5 242 880, 5.0 MiB)
+00:00:05.086996 
+00:00:05.086996 [/PDM/Devices/] (level 2)
+00:00:05.086997 
+00:00:05.086997 [/PDM/Drivers/] (level 2)
+00:00:05.086998 
+00:00:05.086998 [/PDM/Drivers/VBoxC/] (level 3)
+00:00:05.086999   Path <string>  = "VBoxC" (cb=6)
+00:00:05.087000 
+00:00:05.087000 [/PDM/NetworkShaper/] (level 2)
+00:00:05.087001 
+00:00:05.087001 [/PDM/NetworkShaper/BwGroups/] (level 3)
+00:00:05.087004 
+00:00:05.087004 [/TM/] (level 1)
+00:00:05.087005   UTCOffset <integer> = 0x0000000000000000 (0)
+00:00:05.087005 
+00:00:05.087006 ********************* End of CFGM dump **********************
+00:00:05.087172 HM: HMR3Init: Attempting fall back to NEM: VT-x is not available
+00:00:05.120414 NEM:  info: Found optional import WinHvPlatform.dll!WHvQueryGpaRangeDirtyBitmap.
+00:00:05.120427 NEM:  info: Found optional import WinHvPlatform.dll!WHvResumePartitionTime.
+00:00:05.120431 NEM:  info: Found optional import WinHvPlatform.dll!WHvSuspendPartitionTime.
+00:00:05.120435 NEM:  info: Found optional import WinHvPlatform.dll!WHvRequestInterrupt.
+00:00:05.120439 NEM:  info: Found optional import WinHvPlatform.dll!WHvGetVirtualProcessorXsaveState.
+00:00:05.120442 NEM:  info: Found optional import WinHvPlatform.dll!WHvSetVirtualProcessorXsaveState.
+00:00:05.120449 NEM:  info: Found optional import WinHvPlatform.dll!WHvGetVirtualProcessorState.
+00:00:05.120453 NEM:  info: Found optional import WinHvPlatform.dll!WHvSetVirtualProcessorState.
+00:00:05.120457 NEM:  info: Found optional import WinHvPlatform.dll!WHvGetVirtualProcessorInterruptControllerState.
+00:00:05.120460 NEM:  info: Found optional import WinHvPlatform.dll!WHvSetVirtualProcessorInterruptControllerState.
+00:00:05.120463 NEM:  info: Found optional import WinHvPlatform.dll!WHvGetVirtualProcessorInterruptControllerState2.
+00:00:05.120467 NEM:  info: Found optional import WinHvPlatform.dll!WHvSetVirtualProcessorInterruptControllerState2.
+00:00:05.120472 NEM:  info: Found optional import vid.dll!VidGetHvPartitionId.
+00:00:05.120476 NEM:  info: Found optional import vid.dll!VidGetPartitionProperty.
+00:00:05.120631 NEM: WHvCapabilityCodeHypervisorPresent is TRUE, so this might work...
+00:00:05.120639 NEM: WHvCapabilityCodeExtendedVmExits      = 0x0000000000007fff
+00:00:05.120645 NEM:                           X64CpuidExit: 1
+00:00:05.120648 NEM:                             X64MsrExit: 1
+00:00:05.120651 NEM:                          ExceptionExit: 1
+00:00:05.120655 NEM:                           X64RdtscExit: 1
+00:00:05.120658 NEM:                     X64ApicSmiExitTrap: 1
+00:00:05.120661 NEM:                          HypercallExit: 1
+00:00:05.120664 NEM:                X64ApicInitSipiExitTrap: 1
+00:00:05.120667 NEM:              X64ApicWriteLint0ExitTrap: 1
+00:00:05.120670 NEM:              X64ApicWriteLint1ExitTrap: 1
+00:00:05.120673 NEM:                X64ApicWriteSvrExitTrap: 1
+00:00:05.120676 NEM:                 UnknownSynicConnection: 1
+00:00:05.120680 NEM:              RetargetUnknownVpciDevice: 1
+00:00:05.120688 NEM:                X64ApicWriteLdrExitTrap: 1
+00:00:05.120691 NEM:                X64ApicWriteDfrExitTrap: 1
+00:00:05.120694 NEM:                     GpaAccessFaultExit: 1
+00:00:05.120698 NEM: WHvCapabilityCodeFeatures             = 0x00000000000002ff
+00:00:05.120706 NEM:                           PartialUnmap: 1
+00:00:05.120709 NEM:                     LocalApicEmulation: 1
+00:00:05.120712 NEM:                                  Xsave: 1
+00:00:05.120715 NEM:                      DirtyPageTracking: 1
+00:00:05.120719 NEM:                     SpeculationControl: 1
+00:00:05.120722 NEM:                         ApicRemoteRead: 1
+00:00:05.120725 NEM:                            IdleSuspend: 1
+00:00:05.120729 NEM:                VirtualPciDeviceSupport: 1
+00:00:05.120732 NEM:                           IommuSupport: 0
+00:00:05.120735 NEM:                         VpHotAddRemove: 1
+00:00:05.120742 NEM: Supported xsave features: 0x383f
+00:00:05.120747 NEM:                           XsaveSupport: 1
+00:00:05.120750 NEM:                        XsaveoptSupport: 1
+00:00:05.120753 NEM:                             AvxSupport: 1
+00:00:05.120756 NEM:                            Avx2Support: 1
+00:00:05.120759 NEM:                             FmaSupport: 1
+00:00:05.120763 NEM:                             MpxSupport: 1
+00:00:05.120766 NEM:                          Avx512Support: 0
+00:00:05.120770 NEM:                        Avx512DQSupport: 0
+00:00:05.120773 NEM:                        Avx512BWSupport: 0
+00:00:05.120777 NEM:                        Avx512VLSupport: 0
+00:00:05.120780 NEM:                       XsaveCompSupport: 1
+00:00:05.120783 NEM:                 XsaveSupervisorSupport: 1
+00:00:05.120786 NEM:                            Xcr1Support: 1
+00:00:05.120790 NEM:                    Avx512BitalgSupport: 0
+00:00:05.120793 NEM:                      Avx512IfmaSupport: 0
+00:00:05.120797 NEM:                      Avx512VBmiSupport: 0
+00:00:05.120800 NEM:                     Avx512VBmi2Support: 0
+00:00:05.120803 NEM:                      Avx512VnniSupport: 0
+00:00:05.120806 NEM:                            GfniSupport: 0
+00:00:05.120810 NEM:                            VaesSupport: 0
+00:00:05.120813 NEM:                 Avx512VPopcntdqSupport: 0
+00:00:05.120819 NEM:                      VpclmulqdqSupport: 0
+00:00:05.120823 NEM:                      Avx512Bf16Support: 0
+00:00:05.120827 NEM:              Avx512Vp2IntersectSupport: 0
+00:00:05.120830 NEM:                      Avx512Fp16Support: 0
+00:00:05.120833 NEM:                             XfdSupport: 0
+00:00:05.120837 NEM:                         AmxTileSupport: 0
+00:00:05.120840 NEM:                         AmxBf16Support: 0
+00:00:05.120843 NEM:                         AmxInt8Support: 0
+00:00:05.120846 NEM:                         AvxVnniSupport: 0
+00:00:05.120849 NEM: Supported exception exit bitmap: 0xf7dfb
+00:00:05.120860 NEM: WHvCapabilityCodeProcessorVendor      = 1 - Intel
+00:00:05.120871 NEM: WHvCapabilityCodeProcessorFeatures    = 0x1819f8cfe7f7859f
+00:00:05.120875 NEM:                            Sse3Support: 1
+00:00:05.120879 NEM:                        LahfSahfSupport: 1
+00:00:05.120882 NEM:                           Ssse3Support: 1
+00:00:05.120885 NEM:                          Sse4_1Support: 1
+00:00:05.120888 NEM:                          Sse4_2Support: 1
+00:00:05.120892 NEM:                           Sse4aSupport: 0
+00:00:05.120895 NEM:                             XopSupport: 0
+00:00:05.120898 NEM:                          PopCntSupport: 1
+00:00:05.120901 NEM:                      Cmpxchg16bSupport: 1
+00:00:05.120905 NEM:                       Altmovcr8Support: 0
+00:00:05.120908 NEM:                           LzcntSupport: 1
+00:00:05.120911 NEM:                     MisAlignSseSupport: 0
+00:00:05.120914 NEM:                          MmxExtSupport: 0
+00:00:05.120917 NEM:                        Amd3DNowSupport: 0
+00:00:05.120920 NEM:                ExtendedAmd3DNowSupport: 0
+00:00:05.120924 NEM:                         Page1GbSupport: 1
+00:00:05.120927 NEM:                             AesSupport: 1
+00:00:05.120930 NEM:                       PclmulqdqSupport: 1
+00:00:05.120933 NEM:                            PcidSupport: 1
+00:00:05.120937 NEM:                            Fma4Support: 0
+00:00:05.120940 NEM:                            F16CSupport: 1
+00:00:05.120944 NEM:                          RdRandSupport: 1
+00:00:05.120947 NEM:                        RdWrFsGsSupport: 1
+00:00:05.120950 NEM:                            SmepSupport: 1
+00:00:05.120954 NEM:              EnhancedFastStringSupport: 1
+00:00:05.120957 NEM:                            Bmi1Support: 1
+00:00:05.120961 NEM:                            Bmi2Support: 1
+00:00:05.120964 NEM:                              Reserved1: 0
+00:00:05.120967 NEM:                           MovbeSupport: 1
+00:00:05.120970 NEM:                          Npiep1Support: 1
+00:00:05.120974 NEM:                   DepX87FPUSaveSupport: 1
+00:00:05.120977 NEM:                          RdSeedSupport: 1
+00:00:05.120980 NEM:                             AdxSupport: 1
+00:00:05.120984 NEM:                   IntelPrefetchSupport: 1
+00:00:05.120987 NEM:                            SmapSupport: 1
+00:00:05.120990 NEM:                             HleSupport: 0
+00:00:05.120993 NEM:                             RtmSupport: 0
+00:00:05.120997 NEM:                          RdtscpSupport: 1
+00:00:05.121000 NEM:                      ClflushoptSupport: 1
+00:00:05.121004 NEM:                            ClwbSupport: 0
+00:00:05.121007 NEM:                             ShaSupport: 0
+00:00:05.121010 NEM:                X87PointersSavedSupport: 0
+00:00:05.121013 NEM:                         InvpcidSupport: 1
+00:00:05.121016 NEM:                            IbrsSupport: 1
+00:00:05.121020 NEM:                           StibpSupport: 1
+00:00:05.121023 NEM:                            IbpbSupport: 1
+00:00:05.121026 NEM:                              Reserved2: 1
+00:00:05.121029 NEM:                            SsbdSupport: 1
+00:00:05.121033 NEM:                 FastShortRepMovSupport: 0
+00:00:05.121036 NEM:                              Reserved3: 0
+00:00:05.121039 NEM:                                 RdclNo: 1
+00:00:05.121042 NEM:                         IbrsAllSupport: 1
+00:00:05.121047 NEM:                              Reserved4: 0
+00:00:05.121052 NEM:                                  SsbNo: 0
+00:00:05.121055 NEM:                                 RsbANo: 0
+00:00:05.121058 NEM:                              Reserved5: 0
+00:00:05.121061 NEM:                           RdPidSupport: 0
+00:00:05.121065 NEM:                            UmipSupport: 0
+00:00:05.121068 NEM:                           MdsNoSupport: 1
+00:00:05.121072 NEM:                         MdClearSupport: 1
+00:00:05.121075 NEM:                           TaaNoSupport: 0
+00:00:05.121078 NEM:                         TsxCtrlSupport: 0
+00:00:05.121082 NEM:                              Reserved6: 0
+00:00:05.121089 NEM: WHvCapabilityCodeProcessorClFlushSize = 2^8
+00:00:05.121093 NEM: Warning! Unknown capability 0x4 returning: 3f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.121099 NEM: Warning! Unknown capability 0x5 returning: 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.121116 NEM: Warning! Unknown capability 0x6 returning: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.121800 NEM: Warning! Unknown capability 0x1003 returning: 3f 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.121829 NEM: Warning! Unknown capability 0x1004 returning: 4f 16 c6 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.121839 NEM: Warning! Unknown capability 0x1005 returning: 00 c2 eb 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.121847 NEM: Warning! Unknown capability 0x1006 returning: 02 00 00 00 00 00 00 00 9f 85 f7 e7 cf f8 19 18 61 00 86 00 0f 00 00 00
+00:00:05.121855 NEM: Warning! Unknown capability 0x1007 returning: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.121869 NEM: Warning! Unknown capability 0x1008 returning: 01 00 00 00 00 00 00 00 ff 8f 44 ff 6f 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.121882 NEM: Warning! Unknown capability 0x1009 returning: 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.121896 NEM: Warning! Unknown capability 0x100a returning: 27 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122018 NEM: Warning! Unknown capability 0x2000 returning: 01 00 00 00 00 10 d8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122035 NEM: Warning! Unknown capability 0x2001 returning: 16 00 00 00 3f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122048 NEM: Warning! Unknown capability 0x2002 returning: f2 e5 01 24 fe ff f9 f7 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122062 NEM: Warning! Unknown capability 0x2003 returning: ff 6f 03 00 ff ff bf 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122075 NEM: Warning! Unknown capability 0x2004 returning: ff 11 00 00 ff f3 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122087 NEM: Warning! Unknown capability 0x2005 returning: 60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122098 NEM: Warning! Unknown capability 0x2006 returning: 21 00 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122110 NEM: Warning! Unknown capability 0x2007 returning: ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122124 NEM: Warning! Unknown capability 0x2008 returning: 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122139 NEM: Warning! Unknown capability 0x2009 returning: ff 27 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122153 NEM: Warning! Unknown capability 0x200a returning: 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122166 NEM: Warning! Unknown capability 0x200b returning: 00 00 00 00 ae 18 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122179 NEM: Warning! Unknown capability 0x200c returning: 41 40 73 06 01 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122196 NEM: Warning! Unknown capability 0x200d returning: 16 00 00 00 3f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122211 NEM: Warning! Unknown capability 0x200e returning: f2 65 00 24 fe ff f9 f7 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122236 NEM: Warning! Unknown capability 0x200f returning: fb 6f 03 00 ff ff bf 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:05.122996 NEM: Created partition 0000023ddf5fc350. APIC emulation mode: VirtualBox
+00:00:05.123025 NEM: Adjusting APIC configuration from X2APIC to APIC max mode.  X2APIC is not supported by the WinHvPlatform API!
+00:00:05.123032 NEM: Disable Hyper-V if you need X2APIC for your guests!
+00:00:05.123061 PGM: Enabling NEM mode
+00:00:05.123180 NEM:
+00:00:05.123180 NEM: NEMR3Init: Snail execution mode is active!
+00:00:05.123181 NEM: Note! VirtualBox is not able to run at its full potential in this execution mode.
+00:00:05.123181 NEM:       To see VirtualBox run at max speed you need to disable all Windows features
+00:00:05.123181 NEM:       making use of Hyper-V.  That is a moving target, so google how and carefully
+00:00:05.123181 NEM:       consider the consequences of disabling these features.
+00:00:05.123182 NEM:
+00:00:05.123220 CPUM: No hardware-virtualization capability detected
+00:00:05.123228 CPUM: fXStateHostMask=0x7; host XCR0=0x1f
+00:00:05.124971 CPUM: Matched host CPU INTEL 0x6/0xa5/0x2 Intel_Core7_CometLake with CPU DB entry 'Intel Core i7-6700K' (INTEL 0x6/0x5e/0x3 Intel_Core7_Skylake)
+00:00:05.125114 CPUM: MXCSR_MASK=0xffff (host: 0xffff)
+00:00:05.125149 CPUM: Microcode revision 0x000000E2
+00:00:05.125168 CPUM: Changing leaf 13[0]: EBX=0x440 -> 0x340, ECX=0x440 -> 0x340
+00:00:05.125197 CPUM: MSR/CPUID reconciliation insert: 0x0000010b IA32_FLUSH_CMD
+00:00:05.125207 CPUM: MSR/CPUID reconciliation insert: 0x0000010a IA32_ARCH_CAPABILITIES
+00:00:05.125220 CPUM: MSR fudge: 0x00000122 IA32_TSX_CTRL
+00:00:05.125228 CPUM: MSR fudge: 0x00000123 IA32_MCU_OPT_CTRL
+00:00:05.125243 CPUM: SetGuestCpuIdFeature: Enabled SYSENTER/EXIT
+00:00:05.125249 CPUM: SetGuestCpuIdFeature: Enabled SYSCALL/RET
+00:00:05.125253 CPUM: SetGuestCpuIdFeature: Enabled PAE
+00:00:05.125258 CPUM: SetGuestCpuIdFeature: Enabled LAHF/SAHF
+00:00:05.125262 CPUM: SetGuestCpuIdFeature: Enabled NX
+00:00:05.125267 CPUM: SetGuestCpuIdFeature: Enabled LONG MODE
+00:00:05.125271 CPUM: Enabled MTRR read-write support
+00:00:05.125280 CPUM: Enabled fixed-range MTRRs and 16 (virtualized) variable-range MTRRs
+00:00:05.129522 NEM: HvPartitionPropertyProcessorVendor=0x1 (1)
+00:00:05.129745 NEM: cbXSaveArea=960
+00:00:05.129777 NEM: Default XSAVE area returned by Hyper-V
+00:00:05.129779 000000d0a37fd7c0/0000: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129781 000000d0a37fd7d0/0010: 00 00 00 00 00 00 00 00-80 1f 00 00 ff ff 00 00 ................
+00:00:05.129783 000000d0a37fd7e0/0020: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129784 000000d0a37fd7f0/0030: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129785 000000d0a37fd800/0040: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129787 000000d0a37fd810/0050: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129788 000000d0a37fd820/0060: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129789 000000d0a37fd830/0070: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129790 000000d0a37fd840/0080: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129791 000000d0a37fd850/0090: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129793 000000d0a37fd860/00a0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129794 000000d0a37fd870/00b0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129795 000000d0a37fd880/00c0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129796 000000d0a37fd890/00d0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129797 000000d0a37fd8a0/00e0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129799 000000d0a37fd8b0/00f0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129800 000000d0a37fd8c0/0100: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129801 000000d0a37fd8d0/0110: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129802 000000d0a37fd8e0/0120: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129804 000000d0a37fd8f0/0130: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129805 000000d0a37fd900/0140: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129806 000000d0a37fd910/0150: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129807 000000d0a37fd920/0160: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129809 000000d0a37fd930/0170: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129810 000000d0a37fd940/0180: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129811 000000d0a37fd950/0190: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129812 000000d0a37fd960/01a0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129813 000000d0a37fd970/01b0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129815 000000d0a37fd980/01c0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129816 000000d0a37fd990/01d0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129817 000000d0a37fd9a0/01e0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129818 000000d0a37fd9b0/01f0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129820 000000d0a37fd9c0/0200: 02 00 00 00 00 00 00 00-1f 00 00 00 00 00 00 80 ................
+00:00:05.129821 000000d0a37fd9d0/0210: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129822 000000d0a37fd9e0/0220: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129823 000000d0a37fd9f0/0230: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129825 000000d0a37fda00/0240: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129826 000000d0a37fda10/0250: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129827 000000d0a37fda20/0260: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129828 000000d0a37fda30/0270: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129830 000000d0a37fda40/0280: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129831 000000d0a37fda50/0290: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129832 000000d0a37fda60/02a0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129833 000000d0a37fda70/02b0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129834 000000d0a37fda80/02c0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129836 000000d0a37fda90/02d0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129837 000000d0a37fdaa0/02e0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129838 000000d0a37fdab0/02f0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129839 000000d0a37fdac0/0300: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129841 000000d0a37fdad0/0310: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129843 000000d0a37fdae0/0320: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129845 000000d0a37fdaf0/0330: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129847 000000d0a37fdb00/0340: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129849 000000d0a37fdb10/0350: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129851 000000d0a37fdb20/0360: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129853 000000d0a37fdb30/0370: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129855 000000d0a37fdb40/0380: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129857 000000d0a37fdb50/0390: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129858 000000d0a37fdb60/03a0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129860 000000d0a37fdb70/03b0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
+00:00:05.129873 NEM: Successfully set up partition (device handle 0000000000001095, partition ID 0x0)
+00:00:05.130037 PGM: Host paging mode: AMD64+PGE+NX
+00:00:05.130051 PGM: PGMPool: cMaxPages=2304 (u64MaxPages=2084)
+00:00:05.130055 PGM: pgmR3PoolInit: cMaxPages=0x900 cMaxUsers=0x1200 cMaxPhysExts=0x1200 fCacheEnable=true
+00:00:05.151119 SUPLib: MEM_LARGE_PAGES privilege not held.
+00:00:05.264942 TM: GIP - u32Mode=3 (Invariant) u32UpdateHz=93 u32UpdateIntervalNS=10741500 enmUseTscDelta=2 (Practically Zero) fGetGipCpu=0x1b cCpus=12
+00:00:05.264974 TM: GIP - u64CpuHz=2 496 009 764 (0x94c61624)  SUPGetCpuHzFromGip => 2 496 009 764
+00:00:05.264980 TM: GIP - CPU: iCpuSet=0x0 idCpu=0x0 idApic=0x0 iGipCpu=0x0 i64TSCDelta=0 enmState=3 u64CpuHz=2496009764(*) cErrors=0
+00:00:05.264985 TM: GIP - CPU: iCpuSet=0x1 idCpu=0x1 idApic=0x1 iGipCpu=0x4 i64TSCDelta=0 enmState=3 u64CpuHz=2496009650(*) cErrors=0
+00:00:05.264988 TM: GIP - CPU: iCpuSet=0x2 idCpu=0x2 idApic=0x2 iGipCpu=0xb i64TSCDelta=0 enmState=3 u64CpuHz=2496009756(*) cErrors=0
+00:00:05.264992 TM: GIP - CPU: iCpuSet=0x3 idCpu=0x3 idApic=0x3 iGipCpu=0x1 i64TSCDelta=0 enmState=3 u64CpuHz=2495997641(*) cErrors=0
+00:00:05.264995 TM: GIP - CPU: iCpuSet=0x4 idCpu=0x4 idApic=0x4 iGipCpu=0x2 i64TSCDelta=0 enmState=3 u64CpuHz=2496007663(*) cErrors=0
+00:00:05.264999 TM: GIP - CPU: iCpuSet=0x5 idCpu=0x5 idApic=0x5 iGipCpu=0x7 i64TSCDelta=0 enmState=3 u64CpuHz=2496009748(*) cErrors=0
+00:00:05.265002 TM: GIP - CPU: iCpuSet=0x6 idCpu=0x6 idApic=0x6 iGipCpu=0x6 i64TSCDelta=0 enmState=3 u64CpuHz=2496009702(*) cErrors=0
+00:00:05.265006 TM: GIP - CPU: iCpuSet=0x7 idCpu=0x7 idApic=0x7 iGipCpu=0x5 i64TSCDelta=0 enmState=3 u64CpuHz=2496009458(*) cErrors=0
+00:00:05.265009 TM: GIP - CPU: iCpuSet=0x8 idCpu=0x8 idApic=0x8 iGipCpu=0xa i64TSCDelta=0 enmState=3 u64CpuHz=2496009749(*) cErrors=0
+00:00:05.265012 TM: GIP - CPU: iCpuSet=0x9 idCpu=0x9 idApic=0x9 iGipCpu=0x3 i64TSCDelta=0 enmState=3 u64CpuHz=2496009400(*) cErrors=0
+00:00:05.265016 TM: GIP - CPU: iCpuSet=0xa idCpu=0xa idApic=0xa iGipCpu=0x8 i64TSCDelta=0 enmState=3 u64CpuHz=2496009636(*) cErrors=0
+00:00:05.265019 TM: GIP - CPU: iCpuSet=0xb idCpu=0xb idApic=0xb iGipCpu=0x9 i64TSCDelta=0 enmState=3 u64CpuHz=2496009764(*) cErrors=0
+00:00:05.265026 TM: NEM overrides the /TM/TSCModeSwitchAllowed setting.
+00:00:05.265044 TM:     cTSCTicksPerSecond=2 496 009 764 (0x94c61624) enmTSCMode=4 (NativeApi) TSCMultiplier=1
+00:00:05.265049 TM: cTSCTicksPerSecondHost=2 496 009 764 (0x94c61624)
+00:00:05.265050 TM: TSCTiedToExecution=false TSCNotTiedToHalt=false
+00:00:05.265809 EMR3Init: fIemExecutesAll=false fGuruOnTripleFault=true
+00:00:05.265979 IEM: TargetCpu=CURRENT, Microarch=Intel_Core7_CometLake aidxTargetCpuEflFlavour={1,0}
+00:00:05.266592 GIM: Using provider 'KVM' (Implementation version: 0)
+00:00:05.266605 CPUM: SetGuestCpuIdFeature: Enabled Hypervisor Present bit
+00:00:05.266636 GCM: Initialized - Fixer bits: 0x8 (MesaVmsvgaDrv)
+00:00:05.266708 AIOMgr: Default manager type is 'Async'
+00:00:05.266715 AIOMgr: Default file backend is 'NonBuffered'
+00:00:05.266780 BlkCache: Cache successfully initialized. Cache size is 5242880 bytes
+00:00:05.266787 BlkCache: Cache commit interval is 10000 ms
+00:00:05.266793 BlkCache: Cache commit threshold is 2621440 bytes
+00:00:05.782862 PcBios: [SMP] BIOS with 2 CPUs
+00:00:05.782891 PcBios: Using the 386+ BIOS image.
+00:00:05.782994 PcBios: MPS table at 000e1300
+00:00:05.783354 PcBios: fCheckShutdownStatusForSoftReset=true  fClearShutdownStatusOnHardReset=true
+00:00:05.783546 PDM: VirtualBox APIC backend registered
+00:00:05.783556 CPUM: SetGuestCpuIdFeature: Enabled xAPIC
+00:00:05.784371 IOAPIC: Version=2.0 ChipType=ICH9
+00:00:05.784434 PIT: mode=3 count=0x10000 (65536) - 18.20 Hz (ch=0)
+00:00:05.784578 VMMDev: cbDefaultBudget: 1 073 741 824 (40000000)
+00:00:05.807597 Shared Folders service loaded
+00:00:05.818657 Guest Control service loaded
+00:00:06.070316 VGA: Using the 386+ BIOS image.
+00:00:06.071534 DrvVD: Flushes will be ignored
+00:00:06.071552 DrvVD: Async flushes will be passed to the disk
+00:00:06.072475 VD: VDInit finished with VINF_SUCCESS
+00:00:06.073119 AIOMgr: Endpoint for file 'C:\Users\PCOEM\AeThexOS\AeThexOS_V5\AeThexOS_V5.vdi' (flags 000c0723) created successfully
+00:00:06.074008 VD: Opening the disk took 1762318 ns
+00:00:06.074096 AHCI: LUN#0: disk, PCHS=16383/16/63, total number of sectors 40960000
+00:00:06.074342 AHCI: Port1: No driver attached
+00:00:06.074357 AHCI: Port2: No driver attached
+00:00:06.074361 AHCI: Port3: No driver attached
+00:00:06.074365 AHCI: Port4: No driver attached
+00:00:06.074368 AHCI: Port5: No driver attached
+00:00:06.074371 AHCI: Port6: No driver attached
+00:00:06.074375 AHCI: Port7: No driver attached
+00:00:06.074378 AHCI: Port8: No driver attached
+00:00:06.074382 AHCI: Port9: No driver attached
+00:00:06.074387 AHCI: Port10: No driver attached
+00:00:06.074393 AHCI: Port11: No driver attached
+00:00:06.074397 AHCI: Port12: No driver attached
+00:00:06.074402 AHCI: Port13: No driver attached
+00:00:06.074406 AHCI: Port14: No driver attached
+00:00:06.074410 AHCI: Port15: No driver attached
+00:00:06.074416 AHCI: Port16: No driver attached
+00:00:06.074421 AHCI: Port17: No driver attached
+00:00:06.074426 AHCI: Port18: No driver attached
+00:00:06.074432 AHCI: Port19: No driver attached
+00:00:06.074436 AHCI: Port20: No driver attached
+00:00:06.074441 AHCI: Port21: No driver attached
+00:00:06.074446 AHCI: Port22: No driver attached
+00:00:06.074452 AHCI: Port23: No driver attached
+00:00:06.074457 AHCI: Port24: No driver attached
+00:00:06.074460 AHCI: Port25: No driver attached
+00:00:06.074464 AHCI: Port26: No driver attached
+00:00:06.074468 AHCI: Port27: No driver attached
+00:00:06.074472 AHCI: Port28: No driver attached
+00:00:06.074475 AHCI: Port29: No driver attached
+00:00:06.074512 AHCI#0: Reset the HBA
+00:00:06.074523 VD#0: Cancelling all active requests
+00:00:06.075011 DrvVD: Flushes will be ignored
+00:00:06.075020 DrvVD: Async flushes will be passed to the disk
+00:00:06.075129 VD: Opening the disk took 102166 ns
+00:00:06.075173 PIIX3 ATA: LUN#0: CD/DVD, total number of sectors 958958, passthrough disabled
+00:00:06.075233 PIIX3 ATA: LUN#1: no unit
+00:00:06.075273 PIIX3 ATA: LUN#2: no unit
+00:00:06.075280 PIIX3 ATA: LUN#3: no unit
+00:00:06.075313 PIIX3 ATA: Ctl#0: finished processing RESET
+00:00:06.075358 PIIX3 ATA: Ctl#1: finished processing RESET
+00:00:06.075418 E1000#0: Chip=82540EM LinkUpDelay=5000ms EthernetCRC=on GSO=enabled Itr=disabled ItrRx=enabled TID=disabled R0=disabled RC=disabled
+00:00:06.090227 AC97: Using codec 'STAC9700'
+00:00:06.133002 WasAPI: Input device is: {Default} (iface 0000023ddc9da300)
+00:00:06.135082 WasAPI: Output device is: {Default} (iface 0000023ddc9dad50)
+00:00:06.142470 Audio: Found 12 devices for driver 'WasAPI'
+00:00:06.142494 Audio: Device 'Speakers (Steam Streaming Speakers)':
+00:00:06.142495 Audio:   ID              = {0.0.0.00000000}.{090f9a97-9220-4d0e-b98f-cf7d7168ef0d}
+00:00:06.142495 Audio:   Usage           = output
+00:00:06.142496 Audio:   Flags           = DEFAULT_OUT
+00:00:06.142496 Audio:   Input channels  = 0
+00:00:06.142496 Audio:   Output channels = 2
+00:00:06.142500 Audio: Device 'Speakers (Steam Streaming Speakers)':
+00:00:06.142501 Audio:   ID              = {0.0.0.00000000}.{090f9a97-9220-4d0e-b98f-cf7d7168ef0d}
+00:00:06.142501 Audio:   Usage           = output
+00:00:06.142501 Audio:   Flags           = NONE
+00:00:06.142501 Audio:   Input channels  = 0
+00:00:06.142502 Audio:   Output channels = 2
+00:00:06.142549 Audio: Device 'Speakers (Realtek(R) Audio)':
+00:00:06.142549 Audio:   ID              = {0.0.0.00000000}.{0c6820a2-be4d-4216-bcf9-77c2a9977ee1}
+00:00:06.142550 Audio:   Usage           = output
+00:00:06.142550 Audio:   Flags           = NONE
+00:00:06.142550 Audio:   Input channels  = 0
+00:00:06.142550 Audio:   Output channels = 2
+00:00:06.142558 Audio: Device 'Speakers (Steam Streaming Microphone)':
+00:00:06.142558 Audio:   ID              = {0.0.0.00000000}.{39b2f724-b840-484c-a523-398fe52679cd}
+00:00:06.142559 Audio:   Usage           = output
+00:00:06.142559 Audio:   Flags           = NONE
+00:00:06.142559 Audio:   Input channels  = 0
+00:00:06.142559 Audio:   Output channels = 2
+00:00:06.142562 Audio: Device 'Headphones (Oculus Virtual Audio Device)':
+00:00:06.142563 Audio:   ID              = {0.0.0.00000000}.{4fbc10a5-b825-4ad3-9a67-2e9a53bf4819}
+00:00:06.142563 Audio:   Usage           = output
+00:00:06.142563 Audio:   Flags           = NONE
+00:00:06.142563 Audio:   Input channels  = 0
+00:00:06.142564 Audio:   Output channels = 2
+00:00:06.142567 Audio: Device 'Speakers (THX Spatial)':
+00:00:06.142567 Audio:   ID              = {0.0.0.00000000}.{7430098b-ce30-4c4c-8dde-ffb4e71f78d3}
+00:00:06.142567 Audio:   Usage           = output
+00:00:06.142567 Audio:   Flags           = NONE
+00:00:06.142568 Audio:   Input channels  = 0
+00:00:06.142568 Audio:   Output channels = 8
+00:00:06.142571 Audio: Device 'Microphone (Steam Streaming Microphone)':
+00:00:06.142571 Audio:   ID              = {0.0.1.00000000}.{bd552e47-793e-4e3a-92eb-981b45d881a3}
+00:00:06.142571 Audio:   Usage           = input
+00:00:06.142572 Audio:   Flags           = DEFAULT_IN
+00:00:06.142572 Audio:   Input channels  = 2
+00:00:06.142572 Audio:   Output channels = 0
+00:00:06.142575 Audio: Device 'Microphone (DroidCam Audio)':
+00:00:06.142575 Audio:   ID              = {0.0.1.00000000}.{5c5f9ecd-4753-4134-93d7-3dc9d54bd9e7}
+00:00:06.142575 Audio:   Usage           = input
+00:00:06.142576 Audio:   Flags           = NONE
+00:00:06.142576 Audio:   Input channels  = 1
+00:00:06.142576 Audio:   Output channels = 0
+00:00:06.142579 Audio: Device 'Microphone (DroidCam Virtual Audio)':
+00:00:06.142579 Audio:   ID              = {0.0.1.00000000}.{6774a640-06ba-4274-b64f-7896d4d06099}
+00:00:06.142580 Audio:   Usage           = input
+00:00:06.142580 Audio:   Flags           = NONE
+00:00:06.142580 Audio:   Input channels  = 1
+00:00:06.142580 Audio:   Output channels = 0
+00:00:06.142583 Audio: Device 'Headset Microphone (Oculus Virtual Audio Device)':
+00:00:06.142583 Audio:   ID              = {0.0.1.00000000}.{8ceeeff4-a09d-40a0-ab65-52bfb7eb9a3e}
+00:00:06.142584 Audio:   Usage           = input
+00:00:06.142584 Audio:   Flags           = NONE
+00:00:06.142584 Audio:   Input channels  = 1
+00:00:06.142584 Audio:   Output channels = 0
+00:00:06.142587 Audio: Device 'Microphone (Steam Streaming Microphone)':
+00:00:06.142588 Audio:   ID              = {0.0.1.00000000}.{bd552e47-793e-4e3a-92eb-981b45d881a3}
+00:00:06.142588 Audio:   Usage           = input
+00:00:06.142588 Audio:   Flags           = NONE
+00:00:06.142588 Audio:   Input channels  = 2
+00:00:06.142588 Audio:   Output channels = 0
+00:00:06.142591 Audio: Device 'Microphone Array (Realtek(R) Audio)':
+00:00:06.142592 Audio:   ID              = {0.0.1.00000000}.{be13e10c-11ab-4551-9a8d-ae08aa57f74b}
+00:00:06.142592 Audio:   Usage           = input
+00:00:06.142592 Audio:   Flags           = NONE
+00:00:06.142592 Audio:   Input channels  = 2
+00:00:06.142593 Audio:   Output channels = 0
+00:00:06.142682 AC97: Reset
+00:00:06.142691 AC97: Mixer reset (EAID=0x809, EACS=0x9)
+00:00:06.142695 AC97: Record select to left=mic, right=mic
+00:00:06.142703 Audio Mixer: MUTING master volume of 'AC'97 Mixer' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff
+00:00:06.142713 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:06.142720 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:06.142725 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:06.142729 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:06.142732 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:06.142736 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:06.142740 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:06.142784 PGM: The CPU physical address width is 39 bits
+00:00:06.142784 PGM: PGMR3InitFinalize: 4 MB PSE mask 0000007fffffffff -> VINF_SUCCESS
+00:00:06.142784 TM: TMR3InitFinalize: fTSCModeSwitchAllowed=false
+00:00:06.142784 CPUM: Mapped 1.0MiB (1048576 bytes) of RAM using fixed-range MTRRs
+00:00:06.142784 CPUM: Mapped 4.0GiB (4294967296 bytes) of RAM using 3 variable-range MTRRs
+00:00:06.143505 CPUM: Host IA32_ARCH_CAPABILITIES  = 0x2f
+00:00:06.143507 CPUM: Guest IA32_ARCH_CAPABILITIES = 0x2d
+00:00:06.142784 VMM: Thread-context hooks unavailable
+00:00:06.142784 VMM: RTThreadPreemptIsPending() can be trusted
+00:00:06.142784 VMM: Kernel preemption is possible
+00:00:06.142784 EM: Exit history optimizations: enabled=true enabled-r0=true enabled-r0-no-preemption=false
+00:00:06.144025 AIOMgr: Async flushes not supported
+00:00:06.144049 PcBios: SATA LUN#0 LCHS=1024/255/63
+00:00:06.144074 APIC: fPostedIntrsEnabled=false fVirtApicRegsEnabled=false fSupportsTscDeadline=false
+00:00:06.144082 TMR3UtcNow: nsNow=1 770 357 009 999 622 700 nsPrev=0 -> cNsDelta=1 770 357 009 999 622 700 (offLag=0 offVirtualSync=0 offVirtualSyncGivenUp=0, NowAgain=1 770 357 009 999 622 700)
+00:00:06.144089 VMM: fUsePeriodicPreemptionTimers=true
+00:00:06.144094 CPUM: Logical host processors: 12 present, 12 max, 12 online, online mask: 0000000000000fff
+00:00:06.144095 CPUM: Physical host cores: 6
+00:00:06.144096 ************************ CPUID dump *************************
+00:00:06.145316          Raw Standard CPUID Leaves
+00:00:06.145316      Leaf/sub-leaf  eax      ebx      ecx      edx
+00:00:06.145320 Gst: 00000000/0000  00000016 756e6547 6c65746e 49656e69
+00:00:06.145321 Hst:                00000016 756e6547 6c65746e 49656e69
+00:00:06.145322 Gst: 00000001/0000  000a0652 00020800 f6da3203 178bfbff
+00:00:06.145323 Hst:                000a0652 00100800 fffaf38f bfebfbff
+00:00:06.145323 Gst: 00000002/0000  76036301 00f0b5ff 00000000 00c30000
+00:00:06.145324 Hst:                76036301 00f0b5ff 00000000 00c30000
+00:00:06.145324 Gst: 00000003/0000  00000000 00000000 00000000 00000000
+00:00:06.145325 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145325 Gst: 00000004/0000  04000121 01c0003f 0000003f 00000000
+00:00:06.145326 Hst:                1c004121 01c0003f 0000003f 00000000
+00:00:06.145326 Gst: 00000004/0001  04000122 01c0003f 0000003f 00000000
+00:00:06.145327 Hst:                1c004122 01c0003f 0000003f 00000000
+00:00:06.145328 Gst: 00000004/0002  04000143 00c0003f 000003ff 00000000
+00:00:06.145328 Hst:                1c004143 00c0003f 000003ff 00000000
+00:00:06.145329 Gst: 00000004/0003  04000163 03c0003f 00002fff 00000006
+00:00:06.145329 Hst:                1c03c163 03c0003f 00002fff 00000006
+00:00:06.145330 Gst: 00000004/0004  04000000 00000000 00000000 00000000
+00:00:06.145330 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145331 Gst: 00000005/0000  00000000 00000000 00000000 00000000
+00:00:06.145331 Hst:                00000040 00000040 00000003 00042120
+00:00:06.145332 Gst: 00000006/0000  00000004 00000000 00000000 00000000
+00:00:06.145332 Hst:                000007f3 00000002 00000009 00000000
+00:00:06.145333 Gst: 00000007/0000  00000000 008c2529 00000000 30000400
+00:00:06.145333 Hst:                00000000 009c67a9 00000000 bc000400
+00:00:06.145334 Gst: 00000007/0001  00000000 00000000 00000000 00000000
+00:00:06.145334 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145335 Gst: 00000007/0002  00000000 00000000 00000000 00000000
+00:00:06.145335 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145336 Gst: 00000008/0000  00000000 00000000 00000000 00000000
+00:00:06.145336 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145337 Gst: 00000009/0000  00000000 00000000 00000000 00000000
+00:00:06.145337 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145337 Gst: 0000000a/0000  00000000 00000000 00000000 00000000
+00:00:06.145338 Hst:                07300404 00000000 00000000 00000603
+00:00:06.145338 Gst: 0000000b/0000  00000000 00000001 00000100 00000000
+00:00:06.145339 Hst:                00000001 00000002 00000100 00000000
+00:00:06.145339 Gst: 0000000b/0001  00000001 00000002 00000201 00000000
+00:00:06.145340 Hst:                00000004 0000000c 00000201 00000000
+00:00:06.145340 Gst: 0000000b/0002  00000000 00000000 00000002 00000000
+00:00:06.145341 Hst:                00000000 00000000 00000002 00000000
+00:00:06.145341 Gst: 0000000c/0000  00000000 00000000 00000000 00000000
+00:00:06.145342 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145342 Gst: 0000000d/0000  00000007 00000340 00000340 00000000
+00:00:06.145342 Hst:                0000001f 00000440 00000440 00000000
+00:00:06.145343 Gst: 0000000d/0001  00000000 000003c0 00000000 00000000
+00:00:06.145343 Hst:                0000000f 000003c0 00000000 00000000
+00:00:06.145344 Gst: 0000000d/0002  00000100 00000240 00000000 00000000
+00:00:06.145344 Hst:                00000100 00000240 00000000 00000000
+00:00:06.145345 Gst: 0000000d/0003  00000000 00000000 00000000 00000000
+00:00:06.145345 Hst:                00000040 000003c0 00000000 00000000
+00:00:06.145346 Gst: 0000000d/0004  00000000 00000000 00000000 00000000
+00:00:06.145346 Hst:                00000040 00000400 00000000 00000000
+00:00:06.145347 Gst: 0000000d/0005  00000000 00000000 00000000 00000000
+00:00:06.145347 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145347 Gst: 0000000e/0000  00000000 00000000 00000000 00000000
+00:00:06.145348 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145348 Gst: 0000000f/0000  00000000 00000000 00000000 00000000
+00:00:06.145349 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145349 Gst: 00000010/0000  00000000 00000000 00000000 00000000
+00:00:06.145350 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145350 Gst: 00000011/0000  00000000 00000000 00000000 00000000
+00:00:06.145350 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145351 Gst: 00000012/0000  00000000 00000000 00000000 00000000
+00:00:06.145351 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145352 Gst: 00000013/0000  00000000 00000000 00000000 00000000
+00:00:06.145352 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145353 Gst: 00000014/0000  00000000 00000000 00000000 00000000
+00:00:06.145353 Hst:                00000001 0000000f 00000003 00000000
+00:00:06.145353 Hst: 00000015/0000  00000002 000000d0 00000000 00000000
+00:00:06.145354 Hst: 00000016/0000  00000000 00000000 00000000 00000000
+00:00:06.145354                                Name: GenuineIntel
+00:00:06.145355                            Supports: 0x00000000-0x00000016
+00:00:06.145356                              Family:  6 	Extended: 0 	Effective: 6
+00:00:06.145357                               Model:  5 	Extended: 10 	Effective: 165
+00:00:06.145358                            Stepping: 2
+00:00:06.145358                                Type: 0 (primary)
+00:00:06.145359                             APIC ID: 0x00
+00:00:06.145359                        Logical CPUs: 2
+00:00:06.145360                        CLFLUSH Size: 8
+00:00:06.145360                            Brand ID: 0x00
+00:00:06.145361 Features
+00:00:06.145361   Mnemonic - Description                                  = Guest (Host)
+00:00:06.145362   FPU - x87 FPU on Chip                                   = 1 (1)
+00:00:06.145363   VME - Virtual 8086 Mode Enhancements                    = 1 (1)
+00:00:06.145364   DE - Debugging extensions                               = 1 (1)
+00:00:06.145364   PSE - Page Size Extension                               = 1 (1)
+00:00:06.145368   TSC - Time Stamp Counter                                = 1 (1)
+00:00:06.145369   MSR - Model Specific Registers                          = 1 (1)
+00:00:06.145369   PAE - Physical Address Extension                        = 1 (1)
+00:00:06.145370   MCE - Machine Check Exception                           = 1 (1)
+00:00:06.145371   CX8 - CMPXCHG8B instruction                             = 1 (1)
+00:00:06.145371   APIC - APIC On-Chip                                     = 1 (1)
+00:00:06.145372   SEP - SYSENTER and SYSEXIT Present                      = 1 (1)
+00:00:06.145372   MTRR - Memory Type Range Registers                      = 1 (1)
+00:00:06.145373   PGE - PTE Global Bit                                    = 1 (1)
+00:00:06.145374   MCA - Machine Check Architecture                        = 1 (1)
+00:00:06.145374   CMOV - Conditional Move instructions                    = 1 (1)
+00:00:06.145375   PAT - Page Attribute Table                              = 1 (1)
+00:00:06.145375   PSE-36 - 36-bit Page Size Extension                     = 1 (1)
+00:00:06.145376   PSN - Processor Serial Number                           = 0 (0)
+00:00:06.145376   CLFSH - CLFLUSH instruction                             = 1 (1)
+00:00:06.145377   DS - Debug Store                                        = 0 (1)
+00:00:06.145378   ACPI - Thermal Mon. & Soft. Clock Ctrl.                 = 0 (1)
+00:00:06.145378   MMX - Intel MMX Technology                              = 1 (1)
+00:00:06.145379   FXSR - FXSAVE and FXRSTOR instructions                  = 1 (1)
+00:00:06.145379   SSE - SSE support                                       = 1 (1)
+00:00:06.145380   SSE2 - SSE2 support                                     = 1 (1)
+00:00:06.145381   SS - Self Snoop                                         = 0 (1)
+00:00:06.145381   HTT - Hyper-Threading Technology                        = 1 (1)
+00:00:06.145382   TM - Therm. Monitor                                     = 0 (1)
+00:00:06.145383   PBE - Pending Break Enabled                             = 0 (1)
+00:00:06.145383   SSE3 - SSE3 support                                     = 1 (1)
+00:00:06.145384   PCLMUL - PCLMULQDQ support (for AES-GCM)                = 1 (1)
+00:00:06.145384   DTES64 - DS Area 64-bit Layout                          = 0 (1)
+00:00:06.145385   MONITOR - MONITOR/MWAIT instructions                    = 0 (1)
+00:00:06.145386   CPL-DS - CPL Qualified Debug Store                      = 0 (0)
+00:00:06.145386   VMX - Virtual Machine Extensions                        = 0 (0)
+00:00:06.145387   SMX - Safer Mode Extensions                             = 0 (0)
+00:00:06.145387   EST - Enhanced SpeedStep Technology                     = 0 (1)
+00:00:06.145388   TM2 - Terminal Monitor 2                                = 0 (1)
+00:00:06.145388   SSSE3 - Supplemental Streaming SIMD Extensions 3        = 1 (1)
+00:00:06.145389   CNTX-ID - L1 Context ID                                 = 0 (0)
+00:00:06.145390   SDBG - Silicon Debug interface                          = 0 (0)
+00:00:06.145390   FMA - Fused Multiply Add extensions                     = 1 (1)
+00:00:06.145391   CX16 - CMPXCHG16B instruction                           = 1 (1)
+00:00:06.145391   TPRUPDATE - xTPR Update Control                         = 0 (1)
+00:00:06.145392   PDCM - Perf/Debug Capability MSR                        = 0 (1)
+00:00:06.145393   PCID - Process Context Identifiers                      = 1 (1)
+00:00:06.145393   DCA - Direct Cache Access                               = 0 (0)
+00:00:06.145394   SSE4_1 - SSE4_1 support                                 = 1 (1)
+00:00:06.145394   SSE4_2 - SSE4_2 support                                 = 1 (1)
+00:00:06.145395   X2APIC - x2APIC support                                 = 0 (1)
+00:00:06.145395   MOVBE - MOVBE instruction                               = 1 (1)
+00:00:06.145396   POPCNT - POPCNT instruction                             = 1 (1)
+00:00:06.145397   TSCDEADL - Time Stamp Counter Deadline                  = 0 (1)
+00:00:06.145397   AES - AES instructions                                  = 1 (1)
+00:00:06.145398   XSAVE - XSAVE instruction                               = 1 (1)
+00:00:06.145398   OSXSAVE - OSXSAVE instruction                           = 0 (1)
+00:00:06.145399   AVX - AVX support                                       = 1 (1)
+00:00:06.145400   F16C - 16-bit floating point conversion instructions    = 1 (1)
+00:00:06.145400   RDRAND - RDRAND instruction                             = 1 (1)
+00:00:06.145401   HVP - Hypervisor Present (we're a guest)                = 1 (1)
+00:00:06.145401 Structured Extended Feature Flags Enumeration (leaf 7):
+00:00:06.145402 Sub-leaf 0
+00:00:06.145402   Mnemonic - Description                                  = Guest (Host)
+00:00:06.145403   FSGSBASE - RDFSBASE/RDGSBASE/WRFSBASE/WRGSBASE instr.   = 1 (1)
+00:00:06.145403   TSCADJUST - Supports MSR_IA32_TSC_ADJUST                = 0 (0)
+00:00:06.145404   SGX - Supports Software Guard Extensions                = 0 (0)
+00:00:06.145404   BMI1 - Advanced Bit Manipulation extension 1            = 1 (1)
+00:00:06.145405   HLE - Hardware Lock Elision                             = 0 (0)
+00:00:06.145405   AVX2 - Advanced Vector Extensions 2                     = 1 (1)
+00:00:06.145406   FDP_EXCPTN_ONLY - FPU DP only updated on exceptions     = 0 (0)
+00:00:06.145406   SMEP - Supervisor Mode Execution Prevention             = 0 (1)
+00:00:06.145407   BMI2 - Advanced Bit Manipulation extension 2            = 1 (1)
+00:00:06.145410   ERMS - Enhanced REP MOVSB/STOSB instructions            = 0 (1)
+00:00:06.145411   INVPCID - INVPCID instruction                           = 1 (1)
+00:00:06.145411   RTM - Restricted Transactional Memory                   = 0 (0)
+00:00:06.145412   PQM - Platform Quality of Service Monitoring            = 0 (0)
+00:00:06.145412   DEPFPU_CS_DS - Deprecates FPU CS, FPU DS values if set  = 1 (1)
+00:00:06.145413   MPE - Intel Memory Protection Extensions                = 0 (1)
+00:00:06.145413   PQE - Platform Quality of Service Enforcement           = 0 (0)
+00:00:06.145414   AVX512F - AVX512 Foundation instructions                = 0 (0)
+00:00:06.145414   RDSEED - RDSEED instruction                             = 1 (1)
+00:00:06.145415   ADX - ADCX/ADOX instructions                            = 1 (1)
+00:00:06.145416   SMAP - Supervisor Mode Access Prevention                = 0 (1)
+00:00:06.145416   CLFLUSHOPT - CLFLUSHOPT (Cache Line Flush) instruction  = 1 (1)
+00:00:06.145417   CLWB - CLWB instruction                                 = 0 (0)
+00:00:06.145417   INTEL_PT - Intel Processor Trace                        = 0 (0)
+00:00:06.145418   AVX512PF - AVX512 Prefetch instructions                 = 0 (0)
+00:00:06.145418   AVX512ER - AVX512 Exponential & Reciprocal instructions = 0 (0)
+00:00:06.145419   AVX512CD - AVX512 Conflict Detection instructions       = 0 (0)
+00:00:06.145419   SHA - Secure Hash Algorithm extensions                  = 0 (0)
+00:00:06.145420   PREFETCHWT1 - PREFETCHWT1 instruction                   = 0 (0)
+00:00:06.145420   UMIP - User mode insturction prevention                 = 0 (0)
+00:00:06.145421   PKU - Protection Key for Usermode pages                 = 0 (0)
+00:00:06.145421   OSPKE - CR4.PKU mirror                                  = 0 (0)
+00:00:06.145422   MAWAU - Value used by BNDLDX & BNDSTX                   = 0x0 (0x0)
+00:00:06.145423   RDPID - Read processor ID support                       = 0 (0)
+00:00:06.145423   SGX_LC - Supports SGX Launch Configuration              = 0 (0)
+00:00:06.145424   MCU_OPT_CTRL - Supports IA32_MCU_OPT_CTRL               = 0 (0)
+00:00:06.145425   MD_CLEAR - Supports MDS related buffer clearing         = 1 (1)
+00:00:06.145425   TSX_FORCE_ABORT - Supports IA32_TSX_FORCE_ABORT         = 0 (0)
+00:00:06.145426   CET_IBT - Supports indirect branch tracking w/ CET      = 0 (0)
+00:00:06.145426   IBRS_IBPB - IA32_SPEC_CTRL.IBRS and IA32_PRED_CMD.IBPB  = 0 (1)
+00:00:06.145426   STIBP - Supports IA32_SPEC_CTRL.STIBP                   = 0 (1)
+00:00:06.145427   FLUSH_CMD - Supports IA32_FLUSH_CMD                     = 1 (1)
+00:00:06.145428   ARCHCAP - Supports IA32_ARCH_CAP                        = 1 (1)
+00:00:06.145428   CORECAP - Supports IA32_CORE_CAP                        = 0 (0)
+00:00:06.145429   SSBD - Supports IA32_SPEC_CTRL.SSBD                     = 0 (1)
+00:00:06.145429  Sub-leaf 2
+00:00:06.145430   Mnemonic - Description                                  = Guest (Host)
+00:00:06.145430   PSFD - Supports IA32_SPEC_CTRL[7] (PSFD)                = 0 (0)
+00:00:06.145431   IPRED_CTRL - Supports IA32_SPEC_CTRL[4:3] (IPRED_DIS)   = 0 (0)
+00:00:06.145431   RRSBA_CTRL - Supports IA32_SPEC_CTRL[6:5] (RRSBA_DIS)   = 0 (0)
+00:00:06.145431   DDPD_U - Supports IA32_SPEC_CTRL[8] (DDPD_U)            = 0 (0)
+00:00:06.145432   BHI_CTRL - Supports IA32_SPEC_CTRL[10] (BHI_DIS_S)      = 0 (0)
+00:00:06.145432   MCDT_NO - No MXCSR Config Dependent Timing issues       = 0 (0)
+00:00:06.145433   UC_LOCK_DIS - Supports UC-lock disable and causing #AC  = 0 (0)
+00:00:06.145433   MONITOR_MITG_NO - No MONITOR/UMONITOR power issues      = 0 (0)
+00:00:06.145434 Processor Extended State Enumeration (leaf 0xd):
+00:00:06.145434    XSAVE area cur/max size by XCR0, Guest: 0x340/0x340
+00:00:06.145435    XSAVE area cur/max size by XCR0,  Host: 0x440/0x440
+00:00:06.145436                    Valid XCR0 bits, Guest: 0x00000000`00000007 ( x87 SSE YMM_Hi128 )
+00:00:06.145437                    Valid XCR0 bits,  Host: 0x00000000`0000001f ( x87 SSE YMM_Hi128 BNDREGS BNDCSR )
+00:00:06.145438                     XSAVE features, Guest
+00:00:06.145439                     XSAVE features,  Host XSAVEOPT XSAVEC XGETBC1 XSAVES
+00:00:06.145439       XSAVE area cur size XCR0|XSS, Guest: 0x3c0
+00:00:06.145440       XSAVE area cur size XCR0|XSS,  Host: 0x3c0
+00:00:06.145440                Valid IA32_XSS bits, Guest: 0x00000000`00000000
+00:00:06.145441                Valid IA32_XSS bits,  Host: 0x00000000`00000000
+00:00:06.145441   State #2, Guest: off=0x0240, cb=0x0100 IA32_XSS-bit -- YMM_Hi128
+00:00:06.145442   State #2,  Host:  off=0x0240, cb=0x0100 IA32_XSS-bit -- YMM_Hi128
+00:00:06.145443   State #3,  Host:  off=0x03c0, cb=0x0040 IA32_XSS-bit -- BNDREGS
+00:00:06.145444   State #4,  Host:  off=0x0400, cb=0x0040 IA32_XSS-bit -- BNDCSR
+00:00:06.145448          Raw Hypervisor CPUID Leaves
+00:00:06.145448      Leaf/sub-leaf  eax      ebx      ecx      edx
+00:00:06.145448 Gst: 40000000/0000  40000001 4b4d564b 564b4d56 0000004d
+00:00:06.145449 Hst:                4000000c 7263694d 666f736f 76482074
+00:00:06.145450 Gst: 40000001/0000  01000089 00000000 00000000 00000000
+00:00:06.145451 Hst:                31237648 00000000 00000000 00000000
+00:00:06.145451 Hst: 40000002/0000  000065f4 000a0000 00000007 00001e19
+00:00:06.145452 Hst: 40000003/0000  00003fff 002bb9ff 00000222 7dfefbf6
+00:00:06.145453 Hst: 40000004/0000  00960e14 00000000 0000002e 00000000
+00:00:06.145453 Hst: 40000005/0000  00000800 00000800 000008b8 00000000
+00:00:06.145454 Hst: 40000006/0000  09f200af 00000027 00000000 00000000
+00:00:06.145454 Hst: 40000007/0000  80000007 0000000b 00000000 00000000
+00:00:06.145455 Hst: 40000008/0000  00000000 00000000 00000000 00000000
+00:00:06.145455 Hst: 40000009/0000  00000000 00000000 00000000 00000000
+00:00:06.145456 Hst: 4000000a/0000  00000000 00000000 00000000 00000000
+00:00:06.145456 Hst: 4000000b/0000  001ff002 00000000 00000000 00000000
+00:00:06.145457 Hst: 4000000c/0000  00000000 00000000 00000000 00000000
+00:00:06.145458          Raw Extended CPUID Leaves
+00:00:06.145458      Leaf/sub-leaf  eax      ebx      ecx      edx
+00:00:06.145458 Gst: 80000000/0000  80000008 00000000 00000000 00000000
+00:00:06.145459 Hst:                80000008 00000000 00000000 00000000
+00:00:06.145459 Gst: 80000001/0000  00000000 00000000 00000121 28100800
+00:00:06.145460 Hst:                00000000 00000000 00000121 2c100800
+00:00:06.145461 Gst: 80000002/0000  65746e49 2952286c 726f4320 4d542865
+00:00:06.145461 Hst:                65746e49 2952286c 726f4320 4d542865
+00:00:06.145462 Gst: 80000003/0000  35692029 3530312d 20483030 20555043
+00:00:06.145463 Hst:                35692029 3530312d 20483030 20555043
+00:00:06.145463 Gst: 80000004/0000  2e322040 48473035 0000007a 00000000
+00:00:06.145464 Hst:                2e322040 48473035 0000007a 00000000
+00:00:06.145464 Gst: 80000005/0000  00000000 00000000 00000000 00000000
+00:00:06.145465 Hst:                00000000 00000000 00000000 00000000
+00:00:06.145465 Gst: 80000006/0000  00000000 00000000 01006040 00000000
+00:00:06.145466 Hst:                00000000 00000000 01006040 00000000
+00:00:06.145466 Gst: 80000007/0000  00000000 00000000 00000000 00000100
+00:00:06.145467 Hst:                00000000 00000000 00000000 00000100
+00:00:06.145467 Gst: 80000008/0000  00003027 00000000 00000000 00000000
+00:00:06.145468 Hst:                00003027 00000000 00000000 00000000
+00:00:06.145468 Ext Name:                        
+00:00:06.145469 Ext Supports:                    0x80000000-0x80000008
+00:00:06.145469 Family:                          0  	Extended: 0 	Effective: 0
+00:00:06.145469 Model:                           0  	Extended: 0 	Effective: 0
+00:00:06.145470 Stepping:                        0
+00:00:06.145470 Brand ID:                        0x000
+00:00:06.145470 Ext Features
+00:00:06.145471   Mnemonic - Description                                  = Guest (Host)
+00:00:06.145471   FPU - x87 FPU on Chip                                   = 0 (0)
+00:00:06.145472   VME - Virtual 8086 Mode Enhancements                    = 0 (0)
+00:00:06.145473   DE - Debugging extensions                               = 0 (0)
+00:00:06.145473   PSE - Page Size Extension                               = 0 (0)
+00:00:06.145474   TSC - Time Stamp Counter                                = 0 (0)
+00:00:06.145477   MSR - K86 Model Specific Registers                      = 0 (0)
+00:00:06.145478   PAE - Physical Address Extension                        = 0 (0)
+00:00:06.145479   MCE - Machine Check Exception                           = 0 (0)
+00:00:06.145479   CX8 - CMPXCHG8B instruction                             = 0 (0)
+00:00:06.145480   APIC - APIC On-Chip                                     = 0 (0)
+00:00:06.145481   SEP - SYSCALL/SYSRET                                    = 1 (1)
+00:00:06.145481   MTRR - Memory Type Range Registers                      = 0 (0)
+00:00:06.145482   PGE - PTE Global Bit                                    = 0 (0)
+00:00:06.145483   MCA - Machine Check Architecture                        = 0 (0)
+00:00:06.145483   CMOV - Conditional Move instructions                    = 0 (0)
+00:00:06.145484   PAT - Page Attribute Table                              = 0 (0)
+00:00:06.145484   PSE-36 - 36-bit Page Size Extension                     = 0 (0)
+00:00:06.145485   NX - No-Execute/Execute-Disable                         = 1 (1)
+00:00:06.145486   AXMMX - AMD Extensions to MMX instructions              = 0 (0)
+00:00:06.145486   MMX - Intel MMX Technology                              = 0 (0)
+00:00:06.145487   FXSR - FXSAVE and FXRSTOR Instructions                  = 0 (0)
+00:00:06.145487   FFXSR - AMD fast FXSAVE and FXRSTOR instructions        = 0 (0)
+00:00:06.145488   Page1GB - 1 GB large page                               = 0 (1)
+00:00:06.145488   RDTSCP - RDTSCP instruction                             = 1 (1)
+00:00:06.145489   LM - AMD64 Long Mode                                    = 1 (1)
+00:00:06.145490   3DNOWEXT - AMD Extensions to 3DNow                      = 0 (0)
+00:00:06.145490   3DNOW - AMD 3DNow                                       = 0 (0)
+00:00:06.145491   LahfSahf - LAHF/SAHF support in 64-bit mode             = 1 (1)
+00:00:06.145492   CmpLegacy - Core multi-processing legacy mode           = 0 (0)
+00:00:06.145492   SVM - AMD Secure Virtual Machine extensions             = 0 (0)
+00:00:06.145493   EXTAPIC - AMD Extended APIC registers                   = 0 (0)
+00:00:06.145493   CR8L - AMD LOCK MOV CR0 means MOV CR8                   = 0 (0)
+00:00:06.145494   ABM - AMD Advanced Bit Manipulation                     = 1 (1)
+00:00:06.145494   SSE4A - SSE4A instructions                              = 0 (0)
+00:00:06.145495   MISALIGNSSE - AMD Misaligned SSE mode                   = 0 (0)
+00:00:06.145496   3DNOWPRF - AMD PREFETCH and PREFETCHW instructions      = 1 (1)
+00:00:06.145496   OSVW - AMD OS Visible Workaround                        = 0 (0)
+00:00:06.145497   IBS - Instruct Based Sampling                           = 0 (0)
+00:00:06.145497   XOP - Extended Operation support                        = 0 (0)
+00:00:06.145498   SKINIT - SKINIT, STGI, and DEV support                  = 0 (0)
+00:00:06.145498   WDT - AMD Watchdog Timer support                        = 0 (0)
+00:00:06.145499   LWP - Lightweight Profiling support                     = 0 (0)
+00:00:06.145499   FMA4 - Four operand FMA instruction support             = 0 (0)
+00:00:06.145500   TCE - Translation Cache Extension support               = 0 (0)
+00:00:06.145501   NodeId - NodeId in MSR C001_100C                        = 0 (0)
+00:00:06.145501   TBM - Trailing Bit Manipulation instructions            = 0 (0)
+00:00:06.145502   TOPOEXT - Topology Extensions                           = 0 (0)
+00:00:06.145502   PRFEXTCORE - Performance Counter Extensions support     = 0 (0)
+00:00:06.145503   PRFEXTNB - NB Performance Counter Extensions support    = 0 (0)
+00:00:06.145503   DATABPEXT - Data-access Breakpoint Extension            = 0 (0)
+00:00:06.145504   PERFTSC - Performance Time Stamp Counter                = 0 (0)
+00:00:06.145504   PCX_L2I - L2I/L3 Performance Counter Extensions         = 0 (0)
+00:00:06.145505   MONITORX - MWAITX and MONITORX instructions             = 0 (0)
+00:00:06.145505   AddrMaskExt - BP Addressing masking extended to bit 31  = 0 (0)
+00:00:06.145506 Full Name:                       "Intel(R) Core(TM) i5-10500H CPU @ 2.50GHz"
+00:00:06.145506 TLB 2/4M Instr/Uni:              res0     0 entries
+00:00:06.145507 TLB 2/4M Data:                   res0     0 entries
+00:00:06.145507 TLB 4K Instr/Uni:                res0     0 entries
+00:00:06.145507 TLB 4K Data:                     res0     0 entries
+00:00:06.145508 L1 Instr Cache Line Size:        0 bytes
+00:00:06.145508 L1 Instr Cache Lines Per Tag:    0
+00:00:06.145508 L1 Instr Cache Associativity:    res0  
+00:00:06.145508 L1 Instr Cache Size:             0 KB
+00:00:06.145509 L1 Data Cache Line Size:         0 bytes
+00:00:06.145509 L1 Data Cache Lines Per Tag:     0
+00:00:06.145509 L1 Data Cache Associativity:     res0  
+00:00:06.145509 L1 Data Cache Size:              0 KB
+00:00:06.145510 L2 TLB 2/4M Instr/Uni:           off       0 entries
+00:00:06.145510 L2 TLB 2/4M Data:                off       0 entries
+00:00:06.145510 L2 TLB 4K Instr/Uni:             off       0 entries
+00:00:06.145511 L2 TLB 4K Data:                  off       0 entries
+00:00:06.145511 L2 Cache Line Size:              64 bytes
+00:00:06.145511 L2 Cache Lines Per Tag:          0
+00:00:06.145511 L2 Cache Associativity:          8 way 
+00:00:06.145512 L2 Cache Size:                   256 KB
+00:00:06.145512 L3 Cache Line Size:              0 bytes
+00:00:06.145512 L3 Cache Lines Per Tag:          0
+00:00:06.145512 L3 Cache Associativity:          off   
+00:00:06.145513 L3 Cache Size:                   0 KB
+00:00:06.145516 APM Features EDX
+00:00:06.145516   Mnemonic - Description                                  = Guest (Host)
+00:00:06.145519   TS - Temperature Sensor                                 = 0 (0)
+00:00:06.145520   FID - Frequency ID control                              = 0 (0)
+00:00:06.145521   VID - Voltage ID control                                = 0 (0)
+00:00:06.145521   TTP - Thermal Trip                                      = 0 (0)
+00:00:06.145522   TM - Hardware Thermal Control (HTC)                     = 0 (0)
+00:00:06.145522   100MHzSteps - 100 MHz Multiplier control                = 0 (0)
+00:00:06.145523   HwPstate - Hardware P-state control                     = 0 (0)
+00:00:06.145523   TscInvariant - Invariant Time Stamp Counter             = 1 (1)
+00:00:06.145524   CPB - Core Performance Boost                            = 0 (0)
+00:00:06.145525   EffFreqRO - Read-only Effective Frequency Interface     = 0 (0)
+00:00:06.145525   ProcFdbkIf - Processor Feedback Interface               = 0 (0)
+00:00:06.145526   ProcPwrRep - Core power reporting interface support     = 0 (0)
+00:00:06.145526   ConnectedStandby - Connected Standby                    = 0 (0)
+00:00:06.145527   RAPL - Running average power limit                      = 0 (0)
+00:00:06.145527 Physical Address Width:          39 bits
+00:00:06.145528 Virtual Address Width:           48 bits
+00:00:06.145528 Max page count for INVLPGB:      0x3027
+00:00:06.145528 Max ECX for RDPRU:               0x0
+00:00:06.145529 ********************* End of CPUID dump *********************
+00:00:06.145583 VMEmt: Halt method global1 (5)
+00:00:06.145701 VMEmt: HaltedGlobal1 config: cNsSpinBlockThresholdCfg=50000
+00:00:06.145769 Changing the VM state from 'CREATING' to 'CREATED'
+00:00:06.147293 NAT: DNS settings changed, triggering update
+00:00:06.147303 NAT DNS Update: Stored 186476868 as nameserver #0
+00:00:06.147308 NAT DNS Update: Stored 203188548 as nameserver #1
+00:00:06.147311 NAT DNS Update: Stored 2 total nameservers
+00:00:06.147502 Changing the VM state from 'CREATED' to 'POWERING_ON'
+00:00:06.147616 VMSVGA3d: cap[0]=0x00000000 {3D}
+00:00:06.147622 VMSVGA3d: cap[1]=0x00000000 {MAX_LIGHTS}
+00:00:06.147623 VMSVGA3d: cap[2]=0x00000000 {MAX_TEXTURES}
+00:00:06.147623 VMSVGA3d: cap[3]=0x00000000 {MAX_CLIP_PLANES}
+00:00:06.147624 VMSVGA3d: cap[4]=0x00000000 {VERTEX_SHADER_VERSION}
+00:00:06.147624 VMSVGA3d: cap[5]=0x00000000 {VERTEX_SHADER}
+00:00:06.147624 VMSVGA3d: cap[6]=0x00000000 {FRAGMENT_SHADER_VERSION}
+00:00:06.147625 VMSVGA3d: cap[7]=0x00000000 {FRAGMENT_SHADER}
+00:00:06.147625 VMSVGA3d: cap[8]=0x00000000 {MAX_RENDER_TARGETS}
+00:00:06.147625 VMSVGA3d: cap[9]=0x00000000 {S23E8_TEXTURES}
+00:00:06.147626 VMSVGA3d: cap[10]=0x00000000 {S10E5_TEXTURES}
+00:00:06.147626 VMSVGA3d: cap[11]=0x00000000 {MAX_FIXED_VERTEXBLEND}
+00:00:06.147627 VMSVGA3d: cap[12]=0x00000000 {D16_BUFFER_FORMAT}
+00:00:06.147627 VMSVGA3d: cap[13]=0x00000000 {D24S8_BUFFER_FORMAT}
+00:00:06.147627 VMSVGA3d: cap[14]=0x00000000 {D24X8_BUFFER_FORMAT}
+00:00:06.147627 VMSVGA3d: cap[15]=0x00000000 {QUERY_TYPES}
+00:00:06.147628 VMSVGA3d: cap[16]=0x00000000 {TEXTURE_GRADIENT_SAMPLING}
+00:00:06.147628 VMSVGA3d: cap[17]=0.000000 {MAX_POINT_SIZE}
+00:00:06.147629 VMSVGA3d: cap[18]=0x00000000 {MAX_SHADER_TEXTURES}
+00:00:06.147629 VMSVGA3d: cap[19]=0x00004000 {MAX_TEXTURE_WIDTH}
+00:00:06.147630 VMSVGA3d: cap[20]=0x00004000 {MAX_TEXTURE_HEIGHT}
+00:00:06.147630 VMSVGA3d: cap[21]=0x00000000 {MAX_VOLUME_EXTENT}
+00:00:06.147630 VMSVGA3d: cap[22]=0x00000000 {MAX_TEXTURE_REPEAT}
+00:00:06.147631 VMSVGA3d: cap[23]=0x00000000 {MAX_TEXTURE_ASPECT_RATIO}
+00:00:06.147631 VMSVGA3d: cap[24]=0x00000000 {MAX_TEXTURE_ANISOTROPY}
+00:00:06.147631 VMSVGA3d: cap[25]=0x00000000 {MAX_PRIMITIVE_COUNT}
+00:00:06.147632 VMSVGA3d: cap[26]=0x00000000 {MAX_VERTEX_INDEX}
+00:00:06.147632 VMSVGA3d: cap[27]=0x00000000 {MAX_VERTEX_SHADER_INSTRUCTIONS}
+00:00:06.147632 VMSVGA3d: cap[28]=0x00000000 {MAX_FRAGMENT_SHADER_INSTRUCTIONS}
+00:00:06.147633 VMSVGA3d: cap[29]=0x00000000 {MAX_VERTEX_SHADER_TEMPS}
+00:00:06.147633 VMSVGA3d: cap[30]=0x00000000 {MAX_FRAGMENT_SHADER_TEMPS}
+00:00:06.147633 VMSVGA3d: cap[31]=0x00000000 {TEXTURE_OPS}
+00:00:06.147634 VMSVGA3d: cap[32]=0x00000000 {SURFACEFMT_X8R8G8B8}
+00:00:06.147634 VMSVGA3d: cap[33]=0x00000000 {SURFACEFMT_A8R8G8B8}
+00:00:06.147634 VMSVGA3d: cap[34]=0x00000000 {SURFACEFMT_A2R10G10B10}
+00:00:06.147635 VMSVGA3d: cap[35]=0x00000000 {SURFACEFMT_X1R5G5B5}
+00:00:06.147635 VMSVGA3d: cap[36]=0x00000000 {SURFACEFMT_A1R5G5B5}
+00:00:06.147635 VMSVGA3d: cap[37]=0x00000000 {SURFACEFMT_A4R4G4B4}
+00:00:06.147638 VMSVGA3d: cap[38]=0x00000000 {SURFACEFMT_R5G6B5}
+00:00:06.147638 VMSVGA3d: cap[39]=0x00000000 {SURFACEFMT_LUMINANCE16}
+00:00:06.147639 VMSVGA3d: cap[40]=0x00000000 {SURFACEFMT_LUMINANCE8_ALPHA8}
+00:00:06.147639 VMSVGA3d: cap[41]=0x00000000 {SURFACEFMT_ALPHA8}
+00:00:06.147639 VMSVGA3d: cap[42]=0x00000000 {SURFACEFMT_LUMINANCE8}
+00:00:06.147640 VMSVGA3d: cap[43]=0x00000000 {SURFACEFMT_Z_D16}
+00:00:06.147640 VMSVGA3d: cap[44]=0x00000000 {SURFACEFMT_Z_D24S8}
+00:00:06.147640 VMSVGA3d: cap[45]=0x00000000 {SURFACEFMT_Z_D24X8}
+00:00:06.147641 VMSVGA3d: cap[46]=0x00000000 {SURFACEFMT_DXT1}
+00:00:06.147641 VMSVGA3d: cap[47]=0x00000000 {SURFACEFMT_DXT2}
+00:00:06.147641 VMSVGA3d: cap[48]=0x00000000 {SURFACEFMT_DXT3}
+00:00:06.147642 VMSVGA3d: cap[49]=0x00000000 {SURFACEFMT_DXT4}
+00:00:06.147642 VMSVGA3d: cap[50]=0x00000000 {SURFACEFMT_DXT5}
+00:00:06.147642 VMSVGA3d: cap[51]=0x00000000 {SURFACEFMT_BUMPX8L8V8U8}
+00:00:06.147642 VMSVGA3d: cap[52]=0x00000000 {SURFACEFMT_A2W10V10U10}
+00:00:06.147643 VMSVGA3d: cap[53]=0x00000000 {SURFACEFMT_BUMPU8V8}
+00:00:06.147643 VMSVGA3d: cap[54]=0x00000000 {SURFACEFMT_Q8W8V8U8}
+00:00:06.147643 VMSVGA3d: cap[55]=0x00000000 {SURFACEFMT_CxV8U8}
+00:00:06.147644 VMSVGA3d: cap[56]=0x00000000 {SURFACEFMT_R_S10E5}
+00:00:06.147644 VMSVGA3d: cap[57]=0x00000000 {SURFACEFMT_R_S23E8}
+00:00:06.147644 VMSVGA3d: cap[58]=0x00000000 {SURFACEFMT_RG_S10E5}
+00:00:06.147645 VMSVGA3d: cap[59]=0x00000000 {SURFACEFMT_RG_S23E8}
+00:00:06.147645 VMSVGA3d: cap[60]=0x00000000 {SURFACEFMT_ARGB_S10E5}
+00:00:06.147645 VMSVGA3d: cap[61]=0x00000000 {SURFACEFMT_ARGB_S23E8}
+00:00:06.147646 VMSVGA3d: cap[62]=0x00000000 {MISSING62}
+00:00:06.147646 VMSVGA3d: cap[63]=0x00000000 {MAX_VERTEX_SHADER_TEXTURES}
+00:00:06.147646 VMSVGA3d: cap[64]=0x00000000 {MAX_SIMULTANEOUS_RENDER_TARGETS}
+00:00:06.147647 VMSVGA3d: cap[65]=0x00000000 {SURFACEFMT_V16U16}
+00:00:06.147647 VMSVGA3d: cap[66]=0x00000000 {SURFACEFMT_G16R16}
+00:00:06.147647 VMSVGA3d: cap[67]=0x00000000 {SURFACEFMT_A16B16G16R16}
+00:00:06.147648 VMSVGA3d: cap[68]=0x00000000 {SURFACEFMT_UYVY}
+00:00:06.147648 VMSVGA3d: cap[69]=0x00000000 {SURFACEFMT_YUY2}
+00:00:06.147648 VMSVGA3d: cap[70]=0x00000000 {DEAD4}
+00:00:06.147649 VMSVGA3d: cap[71]=0x00000000 {DEAD5}
+00:00:06.147649 VMSVGA3d: cap[72]=0x00000000 {DEAD7}
+00:00:06.147649 VMSVGA3d: cap[73]=0x00000000 {DEAD6}
+00:00:06.147649 VMSVGA3d: cap[74]=0x00000000 {AUTOGENMIPMAPS}
+00:00:06.147650 VMSVGA3d: cap[75]=0x00000000 {SURFACEFMT_NV12}
+00:00:06.147650 VMSVGA3d: cap[76]=0x00000000 {DEAD10}
+00:00:06.147650 VMSVGA3d: cap[77]=0x00000000 {MAX_CONTEXT_IDS}
+00:00:06.147651 VMSVGA3d: cap[78]=0x00000000 {MAX_SURFACE_IDS}
+00:00:06.147651 VMSVGA3d: cap[79]=0x00000000 {SURFACEFMT_Z_DF16}
+00:00:06.147651 VMSVGA3d: cap[80]=0x00000000 {SURFACEFMT_Z_DF24}
+00:00:06.147652 VMSVGA3d: cap[81]=0x00000000 {SURFACEFMT_Z_D24S8_INT}
+00:00:06.147652 VMSVGA3d: cap[82]=0x00000000 {SURFACEFMT_ATI1}
+00:00:06.147652 VMSVGA3d: cap[83]=0x00000000 {SURFACEFMT_ATI2}
+00:00:06.147653 VMSVGA3d: cap[84]=0x00000000 {DEAD1}
+00:00:06.147653 VMSVGA3d: cap[85]=0x00000000 {DEAD8}
+00:00:06.147653 VMSVGA3d: cap[86]=0x00000000 {DEAD9}
+00:00:06.147653 VMSVGA3d: cap[87]=0x00000000 {LINE_AA}
+00:00:06.147654 VMSVGA3d: cap[88]=0x00000000 {LINE_STIPPLE}
+00:00:06.147654 VMSVGA3d: cap[89]=0.000000 {MAX_LINE_WIDTH}
+00:00:06.147655 VMSVGA3d: cap[90]=0.000000 {MAX_AA_LINE_WIDTH}
+00:00:06.147655 VMSVGA3d: cap[91]=0x00000000 {SURFACEFMT_YV12}
+00:00:06.147655 VMSVGA3d: cap[92]=0x00000000 {DEAD3}
+00:00:06.147656 VMSVGA3d: cap[93]=0x00000000 {TS_COLOR_KEY}
+00:00:06.147656 VMSVGA3d: cap[94]=0x00000000 {DEAD2}
+00:00:06.147656 VMSVGA3d: cap[95]=0x00000000 {DXCONTEXT}
+00:00:06.147656 VMSVGA3d: cap[96]=0x00000000 {DEAD11}
+00:00:06.147657 VMSVGA3d: cap[97]=0x00000000 {DX_MAX_VERTEXBUFFERS}
+00:00:06.147657 VMSVGA3d: cap[98]=0x00000000 {DX_MAX_CONSTANT_BUFFERS}
+00:00:06.147657 VMSVGA3d: cap[99]=0x00000000 {DX_PROVOKING_VERTEX}
+00:00:06.147658 VMSVGA3d: cap[100]=0x00000005 {DXFMT_X8R8G8B8}
+00:00:06.147658 VMSVGA3d: cap[101]=0x00000000 {DXFMT_A8R8G8B8}
+00:00:06.147658 VMSVGA3d: cap[102]=0x00000000 {DXFMT_R5G6B5}
+00:00:06.147659 VMSVGA3d: cap[103]=0x00000000 {DXFMT_X1R5G5B5}
+00:00:06.147659 VMSVGA3d: cap[104]=0x00000000 {DXFMT_A1R5G5B5}
+00:00:06.147659 VMSVGA3d: cap[105]=0x00000000 {DXFMT_A4R4G4B4}
+00:00:06.147660 VMSVGA3d: cap[106]=0x00000000 {DXFMT_Z_D32}
+00:00:06.147660 VMSVGA3d: cap[107]=0x00000000 {DXFMT_Z_D16}
+00:00:06.147660 VMSVGA3d: cap[108]=0x00000000 {DXFMT_Z_D24S8}
+00:00:06.147661 VMSVGA3d: cap[109]=0x00000000 {DXFMT_Z_D15S1}
+00:00:06.147661 VMSVGA3d: cap[110]=0x00000000 {DXFMT_LUMINANCE8}
+00:00:06.147661 VMSVGA3d: cap[111]=0x00000000 {DXFMT_LUMINANCE4_ALPHA4}
+00:00:06.147662 VMSVGA3d: cap[112]=0x00000000 {DXFMT_LUMINANCE16}
+00:00:06.147662 VMSVGA3d: cap[113]=0x00000000 {DXFMT_LUMINANCE8_ALPHA8}
+00:00:06.147662 VMSVGA3d: cap[114]=0x00000000 {DXFMT_DXT1}
+00:00:06.147663 VMSVGA3d: cap[115]=0x00000000 {DXFMT_DXT2}
+00:00:06.147663 VMSVGA3d: cap[116]=0x00000000 {DXFMT_DXT3}
+00:00:06.147663 VMSVGA3d: cap[117]=0x00000000 {DXFMT_DXT4}
+00:00:06.147664 VMSVGA3d: cap[118]=0x00000000 {DXFMT_DXT5}
+00:00:06.147664 VMSVGA3d: cap[119]=0x00000000 {DXFMT_BUMPU8V8}
+00:00:06.147664 VMSVGA3d: cap[120]=0x00000000 {DXFMT_BUMPL6V5U5}
+00:00:06.147664 VMSVGA3d: cap[121]=0x00000000 {DXFMT_BUMPX8L8V8U8}
+00:00:06.147665 VMSVGA3d: cap[122]=0x00000000 {DXFMT_FORMAT_DEAD1}
+00:00:06.147665 VMSVGA3d: cap[123]=0x00000000 {DXFMT_ARGB_S10E5}
+00:00:06.147665 VMSVGA3d: cap[124]=0x00000000 {DXFMT_ARGB_S23E8}
+00:00:06.147666 VMSVGA3d: cap[125]=0x00000000 {DXFMT_A2R10G10B10}
+00:00:06.147666 VMSVGA3d: cap[126]=0x00000000 {DXFMT_V8U8}
+00:00:06.147666 VMSVGA3d: cap[127]=0x00000000 {DXFMT_Q8W8V8U8}
+00:00:06.147667 VMSVGA3d: cap[128]=0x00000000 {DXFMT_CxV8U8}
+00:00:06.147667 VMSVGA3d: cap[129]=0x00000000 {DXFMT_X8L8V8U8}
+00:00:06.147667 VMSVGA3d: cap[130]=0x00000000 {DXFMT_A2W10V10U10}
+00:00:06.147668 VMSVGA3d: cap[131]=0x00000000 {DXFMT_ALPHA8}
+00:00:06.147668 VMSVGA3d: cap[132]=0x00000000 {DXFMT_R_S10E5}
+00:00:06.147668 VMSVGA3d: cap[133]=0x00000000 {DXFMT_R_S23E8}
+00:00:06.147669 VMSVGA3d: cap[134]=0x00000000 {DXFMT_RG_S10E5}
+00:00:06.147669 VMSVGA3d: cap[135]=0x00000000 {DXFMT_RG_S23E8}
+00:00:06.147669 VMSVGA3d: cap[136]=0x00000000 {DXFMT_BUFFER}
+00:00:06.147669 VMSVGA3d: cap[137]=0x00000000 {DXFMT_Z_D24X8}
+00:00:06.147670 VMSVGA3d: cap[138]=0x00000000 {DXFMT_V16U16}
+00:00:06.147670 VMSVGA3d: cap[139]=0x00000000 {DXFMT_G16R16}
+00:00:06.147670 VMSVGA3d: cap[140]=0x00000000 {DXFMT_A16B16G16R16}
+00:00:06.147671 VMSVGA3d: cap[141]=0x00000000 {DXFMT_UYVY}
+00:00:06.147671 VMSVGA3d: cap[142]=0x00000000 {DXFMT_YUY2}
+00:00:06.147671 VMSVGA3d: cap[143]=0x00000000 {DXFMT_NV12}
+00:00:06.147672 VMSVGA3d: cap[144]=0x00000000 {DXFMT_FORMAT_DEAD2}
+00:00:06.147672 VMSVGA3d: cap[145]=0x00000000 {DXFMT_R32G32B32A32_TYPELESS}
+00:00:06.147672 VMSVGA3d: cap[146]=0x00000000 {DXFMT_R32G32B32A32_UINT}
+00:00:06.147673 VMSVGA3d: cap[147]=0x00000000 {DXFMT_R32G32B32A32_SINT}
+00:00:06.147673 VMSVGA3d: cap[148]=0x00000000 {DXFMT_R32G32B32_TYPELESS}
+00:00:06.147673 VMSVGA3d: cap[149]=0x00000000 {DXFMT_R32G32B32_FLOAT}
+00:00:06.147674 VMSVGA3d: cap[150]=0x00000000 {DXFMT_R32G32B32_UINT}
+00:00:06.147674 VMSVGA3d: cap[151]=0x00000000 {DXFMT_R32G32B32_SINT}
+00:00:06.147674 VMSVGA3d: cap[152]=0x00000000 {DXFMT_R16G16B16A16_TYPELESS}
+00:00:06.147675 VMSVGA3d: cap[153]=0x00000000 {DXFMT_R16G16B16A16_UINT}
+00:00:06.147675 VMSVGA3d: cap[154]=0x00000000 {DXFMT_R16G16B16A16_SNORM}
+00:00:06.147675 VMSVGA3d: cap[155]=0x00000000 {DXFMT_R16G16B16A16_SINT}
+00:00:06.147676 VMSVGA3d: cap[156]=0x00000000 {DXFMT_R32G32_TYPELESS}
+00:00:06.147676 VMSVGA3d: cap[157]=0x00000000 {DXFMT_R32G32_UINT}
+00:00:06.147679 VMSVGA3d: cap[158]=0x00000000 {DXFMT_R32G32_SINT}
+00:00:06.147679 VMSVGA3d: cap[159]=0x00000000 {DXFMT_R32G8X24_TYPELESS}
+00:00:06.147679 VMSVGA3d: cap[160]=0x00000000 {DXFMT_D32_FLOAT_S8X24_UINT}
+00:00:06.147680 VMSVGA3d: cap[161]=0x00000000 {DXFMT_R32_FLOAT_X8X24}
+00:00:06.147680 VMSVGA3d: cap[162]=0x00000000 {DXFMT_X32_G8X24_UINT}
+00:00:06.147680 VMSVGA3d: cap[163]=0x00000000 {DXFMT_R10G10B10A2_TYPELESS}
+00:00:06.147681 VMSVGA3d: cap[164]=0x00000000 {DXFMT_R10G10B10A2_UINT}
+00:00:06.147681 VMSVGA3d: cap[165]=0x00000000 {DXFMT_R11G11B10_FLOAT}
+00:00:06.147681 VMSVGA3d: cap[166]=0x00000000 {DXFMT_R8G8B8A8_TYPELESS}
+00:00:06.147682 VMSVGA3d: cap[167]=0x00000000 {DXFMT_R8G8B8A8_UNORM}
+00:00:06.147682 VMSVGA3d: cap[168]=0x00000000 {DXFMT_R8G8B8A8_UNORM_SRGB}
+00:00:06.147682 VMSVGA3d: cap[169]=0x00000000 {DXFMT_R8G8B8A8_UINT}
+00:00:06.147683 VMSVGA3d: cap[170]=0x00000000 {DXFMT_R8G8B8A8_SINT}
+00:00:06.147683 VMSVGA3d: cap[171]=0x00000000 {DXFMT_R16G16_TYPELESS}
+00:00:06.147683 VMSVGA3d: cap[172]=0x00000000 {DXFMT_R16G16_UINT}
+00:00:06.147683 VMSVGA3d: cap[173]=0x00000000 {DXFMT_R16G16_SINT}
+00:00:06.147684 VMSVGA3d: cap[174]=0x00000000 {DXFMT_R32_TYPELESS}
+00:00:06.147684 VMSVGA3d: cap[175]=0x00000000 {DXFMT_D32_FLOAT}
+00:00:06.147684 VMSVGA3d: cap[176]=0x00000000 {DXFMT_R32_UINT}
+00:00:06.147685 VMSVGA3d: cap[177]=0x00000000 {DXFMT_R32_SINT}
+00:00:06.147685 VMSVGA3d: cap[178]=0x00000000 {DXFMT_R24G8_TYPELESS}
+00:00:06.147685 VMSVGA3d: cap[179]=0x00000000 {DXFMT_D24_UNORM_S8_UINT}
+00:00:06.147686 VMSVGA3d: cap[180]=0x00000000 {DXFMT_R24_UNORM_X8}
+00:00:06.147686 VMSVGA3d: cap[181]=0x00000000 {DXFMT_X24_G8_UINT}
+00:00:06.147686 VMSVGA3d: cap[182]=0x00000000 {DXFMT_R8G8_TYPELESS}
+00:00:06.147687 VMSVGA3d: cap[183]=0x00000000 {DXFMT_R8G8_UNORM}
+00:00:06.147687 VMSVGA3d: cap[184]=0x00000000 {DXFMT_R8G8_UINT}
+00:00:06.147687 VMSVGA3d: cap[185]=0x00000000 {DXFMT_R8G8_SINT}
+00:00:06.147688 VMSVGA3d: cap[186]=0x00000000 {DXFMT_R16_TYPELESS}
+00:00:06.147688 VMSVGA3d: cap[187]=0x00000000 {DXFMT_R16_UNORM}
+00:00:06.147688 VMSVGA3d: cap[188]=0x00000000 {DXFMT_R16_UINT}
+00:00:06.147689 VMSVGA3d: cap[189]=0x00000000 {DXFMT_R16_SNORM}
+00:00:06.147689 VMSVGA3d: cap[190]=0x00000000 {DXFMT_R16_SINT}
+00:00:06.147689 VMSVGA3d: cap[191]=0x00000000 {DXFMT_R8_TYPELESS}
+00:00:06.147690 VMSVGA3d: cap[192]=0x00000000 {DXFMT_R8_UNORM}
+00:00:06.147690 VMSVGA3d: cap[193]=0x00000000 {DXFMT_R8_UINT}
+00:00:06.147690 VMSVGA3d: cap[194]=0x00000000 {DXFMT_R8_SNORM}
+00:00:06.147690 VMSVGA3d: cap[195]=0x00000000 {DXFMT_R8_SINT}
+00:00:06.147691 VMSVGA3d: cap[196]=0x00000000 {DXFMT_P8}
+00:00:06.147691 VMSVGA3d: cap[197]=0x00000000 {DXFMT_R9G9B9E5_SHAREDEXP}
+00:00:06.147691 VMSVGA3d: cap[198]=0x00000000 {DXFMT_R8G8_B8G8_UNORM}
+00:00:06.147692 VMSVGA3d: cap[199]=0x00000000 {DXFMT_G8R8_G8B8_UNORM}
+00:00:06.147692 VMSVGA3d: cap[200]=0x00000000 {DXFMT_BC1_TYPELESS}
+00:00:06.147692 VMSVGA3d: cap[201]=0x00000000 {DXFMT_BC1_UNORM_SRGB}
+00:00:06.147693 VMSVGA3d: cap[202]=0x00000000 {DXFMT_BC2_TYPELESS}
+00:00:06.147693 VMSVGA3d: cap[203]=0x00000000 {DXFMT_BC2_UNORM_SRGB}
+00:00:06.147693 VMSVGA3d: cap[204]=0x00000000 {DXFMT_BC3_TYPELESS}
+00:00:06.147694 VMSVGA3d: cap[205]=0x00000000 {DXFMT_BC3_UNORM_SRGB}
+00:00:06.147694 VMSVGA3d: cap[206]=0x00000000 {DXFMT_BC4_TYPELESS}
+00:00:06.147694 VMSVGA3d: cap[207]=0x00000000 {DXFMT_ATI1}
+00:00:06.147695 VMSVGA3d: cap[208]=0x00000000 {DXFMT_BC4_SNORM}
+00:00:06.147695 VMSVGA3d: cap[209]=0x00000000 {DXFMT_BC5_TYPELESS}
+00:00:06.147695 VMSVGA3d: cap[210]=0x00000000 {DXFMT_ATI2}
+00:00:06.147696 VMSVGA3d: cap[211]=0x00000000 {DXFMT_BC5_SNORM}
+00:00:06.147696 VMSVGA3d: cap[212]=0x00000000 {DXFMT_R10G10B10_XR_BIAS_A2_UNORM}
+00:00:06.147696 VMSVGA3d: cap[213]=0x00000000 {DXFMT_B8G8R8A8_TYPELESS}
+00:00:06.147697 VMSVGA3d: cap[214]=0x00000000 {DXFMT_B8G8R8A8_UNORM_SRGB}
+00:00:06.147697 VMSVGA3d: cap[215]=0x00000000 {DXFMT_B8G8R8X8_TYPELESS}
+00:00:06.147697 VMSVGA3d: cap[216]=0x00000000 {DXFMT_B8G8R8X8_UNORM_SRGB}
+00:00:06.147698 VMSVGA3d: cap[217]=0x00000000 {DXFMT_Z_DF16}
+00:00:06.147698 VMSVGA3d: cap[218]=0x00000000 {DXFMT_Z_DF24}
+00:00:06.147698 VMSVGA3d: cap[219]=0x00000000 {DXFMT_Z_D24S8_INT}
+00:00:06.147699 VMSVGA3d: cap[220]=0x00000000 {DXFMT_YV12}
+00:00:06.147699 VMSVGA3d: cap[221]=0x00000000 {DXFMT_R32G32B32A32_FLOAT}
+00:00:06.147699 VMSVGA3d: cap[222]=0x00000000 {DXFMT_R16G16B16A16_FLOAT}
+00:00:06.147699 VMSVGA3d: cap[223]=0x00000000 {DXFMT_R16G16B16A16_UNORM}
+00:00:06.147700 VMSVGA3d: cap[224]=0x00000000 {DXFMT_R32G32_FLOAT}
+00:00:06.147700 VMSVGA3d: cap[225]=0x00000000 {DXFMT_R10G10B10A2_UNORM}
+00:00:06.147700 VMSVGA3d: cap[226]=0x00000000 {DXFMT_R8G8B8A8_SNORM}
+00:00:06.147701 VMSVGA3d: cap[227]=0x00000000 {DXFMT_R16G16_FLOAT}
+00:00:06.147701 VMSVGA3d: cap[228]=0x00000000 {DXFMT_R16G16_UNORM}
+00:00:06.147701 VMSVGA3d: cap[229]=0x00000000 {DXFMT_R16G16_SNORM}
+00:00:06.147702 VMSVGA3d: cap[230]=0x00000000 {DXFMT_R32_FLOAT}
+00:00:06.147702 VMSVGA3d: cap[231]=0x00000000 {DXFMT_R8G8_SNORM}
+00:00:06.147702 VMSVGA3d: cap[232]=0x00000000 {DXFMT_R16_FLOAT}
+00:00:06.147703 VMSVGA3d: cap[233]=0x00000000 {DXFMT_D16_UNORM}
+00:00:06.147703 VMSVGA3d: cap[234]=0x00000000 {DXFMT_A8_UNORM}
+00:00:06.147703 VMSVGA3d: cap[235]=0x00000000 {DXFMT_BC1_UNORM}
+00:00:06.147704 VMSVGA3d: cap[236]=0x00000000 {DXFMT_BC2_UNORM}
+00:00:06.147704 VMSVGA3d: cap[237]=0x00000000 {DXFMT_BC3_UNORM}
+00:00:06.147704 VMSVGA3d: cap[238]=0x00000000 {DXFMT_B5G6R5_UNORM}
+00:00:06.147705 VMSVGA3d: cap[239]=0x00000000 {DXFMT_B5G5R5A1_UNORM}
+00:00:06.147705 VMSVGA3d: cap[240]=0x00000000 {DXFMT_B8G8R8A8_UNORM}
+00:00:06.147705 VMSVGA3d: cap[241]=0x00000000 {DXFMT_B8G8R8X8_UNORM}
+00:00:06.147706 VMSVGA3d: cap[242]=0x00000000 {DXFMT_BC4_UNORM}
+00:00:06.147706 VMSVGA3d: cap[243]=0x00000000 {DXFMT_BC5_UNORM}
+00:00:06.147706 VMSVGA3d: cap[244]=0x00000000 {SM41}
+00:00:06.147707 VMSVGA3d: cap[245]=0x00000000 {MULTISAMPLE_2X}
+00:00:06.147707 VMSVGA3d: cap[246]=0x00000000 {MULTISAMPLE_4X}
+00:00:06.147710 VMSVGA3d: cap[247]=0x00000000 {MS_FULL_QUALITY}
+00:00:06.147710 VMSVGA3d: cap[248]=0x00000000 {LOGICOPS}
+00:00:06.147710 VMSVGA3d: cap[249]=0x00000000 {LOGIC_BLENDOPS}
+00:00:06.147711 VMSVGA3d: cap[250]=0x00000000 {RESERVED_1}
+00:00:06.147711 VMSVGA3d: cap[251]=0x00000000 {DXFMT_BC6H_TYPELESS}
+00:00:06.147711 VMSVGA3d: cap[252]=0x00000000 {DXFMT_BC6H_UF16}
+00:00:06.147712 VMSVGA3d: cap[253]=0x00000000 {DXFMT_BC6H_SF16}
+00:00:06.147712 VMSVGA3d: cap[254]=0x00000000 {DXFMT_BC7_TYPELESS}
+00:00:06.147712 VMSVGA3d: cap[255]=0x00000000 {DXFMT_BC7_UNORM}
+00:00:06.147713 VMSVGA3d: cap[256]=0x00000000 {DXFMT_BC7_UNORM_SRGB}
+00:00:06.147713 VMSVGA3d: cap[257]=0x00000000 {RESERVED_2}
+00:00:06.147713 VMSVGA3d: cap[258]=0x00000000 {SM5}
+00:00:06.147714 VMSVGA3d: cap[259]=0x00000000 {MULTISAMPLE_8X}
+00:00:06.147717 AIOMgr: Endpoints without assigned bandwidth groups:
+00:00:06.147733 AIOMgr:     C:\Users\PCOEM\AeThexOS\AeThexOS_V5\AeThexOS_V5.vdi
+00:00:06.147819 Changing the VM state from 'POWERING_ON' to 'RUNNING'
+00:00:06.147831 Console: Machine state changed to 'Running'
+00:00:06.150810 VMMDev: Guest Log: BIOS: VirtualBox 7.2.4
+00:00:06.151136 PCI: Setting up resources and interrupts
+00:00:06.153670 PIT: mode=2 count=0x10000 (65536) - 18.20 Hz (ch=0)
+00:00:06.175729 Display::i_handleDisplayResize: uScreenId=0 pvVRAM=0000000000000000 w=720 h=400 bpp=0 cbLine=0x0 flags=0x0 origin=0,0
+00:00:06.187827 GUI: UIMachineViewNormal::resendSizeHint: Restoring guest size-hint for screen 0 to 800x600
+00:00:06.210084 VMMDev: Guest Log: CPUID EDX: 0x178bfbff
+00:00:06.210222 PIIX3 ATA: Ctl#0: RESET, DevSel=0 AIOIf=0 CmdIf0=0x00 (-1 usec ago) CmdIf1=0x00 (-1 usec ago)
+00:00:06.210247 PIIX3 ATA: Ctl#0: finished processing RESET
+00:00:06.213044 AHCI#0: Reset the HBA
+00:00:06.213063 VD#0: Cancelling all active requests
+00:00:06.213127 AHCI#0: Port 0 reset
+00:00:06.213152 VD#0: Cancelling all active requests
+00:00:06.214086 VMMDev: Guest Log: BIOS: AHCI 0-P#0: PCHS=16383/16/63 LCHS=1024/255/63 0x0000000002710000 sectors
+00:00:06.214180 AHCI#0: Port 1 reset
+00:00:06.255869 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6
+00:00:06.373585 AHCI#0: Port 2 reset
+00:00:06.538331 GUI: UIMediumEnumerator: Medium-enumeration finished!
+00:00:06.538792 AHCI#0: Port 3 reset
+00:00:06.703496 AHCI#0: Port 4 reset
+00:00:06.868111 AHCI#0: Port 5 reset
+00:00:07.033299 AHCI#0: Port 6 reset
+00:00:07.197837 AHCI#0: Port 7 reset
+00:00:07.362691 AHCI#0: Port 8 reset
+00:00:07.527942 AHCI#0: Port 9 reset
+00:00:07.693827 AHCI#0: Port 10 reset
+00:00:07.856448 AHCI#0: Port 11 reset
+00:00:08.021454 AHCI#0: Port 12 reset
+00:00:08.186373 AHCI#0: Port 13 reset
+00:00:08.351414 AHCI#0: Port 14 reset
+00:00:08.516436 AHCI#0: Port 15 reset
+00:00:08.681275 AHCI#0: Port 16 reset
+00:00:08.846113 AHCI#0: Port 17 reset
+00:00:09.010830 AHCI#0: Port 18 reset
+00:00:09.177053 AHCI#0: Port 19 reset
+00:00:09.340062 AHCI#0: Port 20 reset
+00:00:09.505078 AHCI#0: Port 21 reset
+00:00:09.670217 AHCI#0: Port 22 reset
+00:00:09.834024 AHCI#0: Port 23 reset
+00:00:09.999947 AHCI#0: Port 24 reset
+00:00:10.164008 AHCI#0: Port 25 reset
+00:00:10.328943 AHCI#0: Port 26 reset
+00:00:10.493804 AHCI#0: Port 27 reset
+00:00:10.660028 AHCI#0: Port 28 reset
+00:00:10.823231 AHCI#0: Port 29 reset
+00:00:11.024272 PIT: mode=2 count=0x48d3 (18643) - 64.00 Hz (ch=0)
+00:00:11.043128 Display::i_handleDisplayResize: uScreenId=0 pvVRAM=0000023da09e0000 w=640 h=480 bpp=32 cbLine=0xA00 flags=0x0 origin=0,0
+00:00:11.384620 GUI: UIMediumEnumerator: Medium-enumeration finished!
+00:00:13.498550 PIT: mode=2 count=0x10000 (65536) - 18.20 Hz (ch=0)
+00:00:13.498773 VMMDev: Guest Log: BIOS: Boot : bseqnr=1, bootseq=0023
+00:00:13.499562 VMMDev: Guest Log: BIOS: Booting from CD-ROM...
+00:00:13.509324 Display::i_handleDisplayResize: uScreenId=0 pvVRAM=0000000000000000 w=720 h=400 bpp=0 cbLine=0x0 flags=0x0 origin=0,0
+00:00:13.851480 GUI: UIMediumEnumerator: Medium-enumeration finished!
+00:00:22.301577 GIM: KVM: VCPU  0: Enabled system-time struct. at 0x0000000011201000 - u32TscScale=0xcd209d76 i8TscShift=-1 uVersion=2 fFlags=0x1 uTsc=0x9633b49a7 uVirtNanoTS=0x3c2d453cc TscKHz=2496008
+00:00:22.301607 TM: Host/VM is not suitable for using TSC mode 'RealTSCOffset', request to change TSC mode ignored
+00:00:22.741282 GIM: KVM: Enabled wall-clock struct. at 0x0000000011200000 - u32Sec=1770357026 u32Nano=596980700 uVersion=2
+00:00:22.788741 PIT: mode=2 count=0x12a5 (4773) - 249.98 Hz (ch=0)
+00:00:22.946326 PIT: mode=0 count=0x10000 (65536) - 18.20 Hz (ch=0)
+00:00:22.951014 GIM: KVM: VCPU  1: Enabled system-time struct. at 0x0000000011201040 - u32TscScale=0xcd209d76 i8TscShift=-1 uVersion=2 fFlags=0x1 uTsc=0x9c3da12fe uVirtNanoTS=0x3e98a0f0d TscKHz=2496008
+00:00:22.951043 TM: Host/VM is not suitable for using TSC mode 'RealTSCOffset', request to change TSC mode ignored
+00:00:23.409668 PIIX3 ATA: Ctl#0: RESET, DevSel=0 AIOIf=0 CmdIf0=0xa0 (-1 usec ago) CmdIf1=0x00 (-1 usec ago)
+00:00:23.409745 PIIX3 ATA: Ctl#0: finished processing RESET
+00:00:24.832031 MsrExit/1: 0010:ffffffffb7a9cd58/LM: RDMSR c0011029 -> 00000000 / VERR_CPUM_RAISE_GP_0
+00:00:25.097061 AHCI#0: Reset the HBA
+00:00:25.097092 VD#0: Cancelling all active requests
+00:00:25.216771 AHCI#0: Port 0 reset
+00:00:25.221445 VD#0: Cancelling all active requests
+00:00:27.789166 NAT: Link up
+00:00:52.079926 VMMDev: Guest Log: vboxguest: host-version: 7.2.4r170995 0x8000000f
+00:00:52.080161 VMMDev: Guest Additions information report: Version 6.0.0 r127566 '6.0.0'
+00:00:52.080204 VMMDev: Guest Additions information report: Interface = 0x00010004 osType = 0x00053100 (Linux >= 2.6, 64-bit)
+00:00:52.080318 VMMDev: Guest Additions capability report: (0x0 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no
+00:00:52.080409 VMMDev: vmmDevReqHandler_HeartbeatConfigure: No change (fHeartbeatActive=false)
+00:00:52.080438 VMMDev: Heartbeat flatline timer set to trigger after 4 000 000 000 ns
+00:00:52.080544 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners.
+00:00:52.080559 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6
+00:00:52.080572 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners.
+00:00:52.080577 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6
+00:00:52.081443 VMMDev: Guest Log: vbg_heartbeat_init: Setting up heartbeat to trigger every 2000 milliseconds
+00:00:52.081633 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners.
+00:00:52.086186 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary
+00:00:52.086217 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6
+00:00:52.088502 VMMDev: Guest Log: vboxguest: misc device minor 123, IRQ 20, I/O port d040, MMIO at 0x00000000f0400000 (size 0x0000000000400000)
+00:00:52.962974 Enabling different vbva mode
+00:00:52.965155 VMSVGA: 3D disabled, but command 1115 will be processed
+00:00:52.965221 VMSVGA: 3D disabled, but command 1115 will be processed
+00:00:52.965247 VMSVGA: 3D disabled, but command 1115 will be processed
+00:00:52.965252 VMSVGA: 3D disabled, but command 1115 will be processed
+00:00:52.965261 VMSVGA: 3D disabled, but command 1115 will be processed
+00:00:52.965264 VMSVGA: 3D disabled, but command 1135 will be processed
+00:00:52.965283 VMSVGA: 3D disabled, but command 1097 will be processed
+00:00:52.965479 VMSVGA: 3D disabled, but command 1099 will be processed
+00:00:52.965498 Display::i_handleDisplayResize: uScreenId=0 pvVRAM=0000023dd95a0000 w=800 h=600 bpp=32 cbLine=0xC80 flags=0x1 origin=0,0
+00:00:53.310824 GUI: UIMediumEnumerator: Medium-enumeration finished!
+00:00:58.097455 AC97: Reset
+00:00:58.097480 AC97: Mixer reset (EAID=0x809, EACS=0x9)
+00:00:58.097485 AC97: Record select to left=mic, right=mic
+00:00:58.097489 Audio Mixer: MUTING master volume of 'AC'97 Mixer' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff
+00:00:58.097495 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.097499 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.097503 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.097506 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.097510 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.097514 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.097517 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.097779 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.097789 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.097999 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.098008 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.098256 AC97: Reset
+00:00:58.098264 AC97: Mixer reset (EAID=0x809, EACS=0x9)
+00:00:58.098268 AC97: Record select to left=mic, right=mic
+00:00:58.098271 Audio Mixer: MUTING master volume of 'AC'97 Mixer' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff
+00:00:58.098275 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.098279 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.098283 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.098287 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.098291 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.098298 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.098304 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.101709 Audio Mixer: Setting master volume of 'AC'97 Mixer' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff
+00:00:58.101720 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.101724 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.101728 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.101831 Audio Mixer: MUTING master volume of 'AC'97 Mixer' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff
+00:00:58.101840 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.101844 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.101848 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.101954 Audio Mixer: MUTING master volume of 'AC'97 Mixer' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff
+00:00:58.101963 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.101967 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.101971 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.102019 Audio Mixer: MUTING master volume of 'AC'97 Mixer' -- channel volumes: 83 83 83 83 83 83 83 83 83 83 83 83
+00:00:58.102029 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.102033 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.102037 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.102195 Audio Mixer: MUTING master volume of 'AC'97 Mixer' -- channel volumes: bf bf bf bf bf bf bf bf bf bf bf bf
+00:00:58.102204 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.102208 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.102212 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.102422 Audio Mixer: MUTING master volume of 'AC'97 Mixer' -- channel volumes: 83 83 83 83 83 83 83 83 83 83 83 83
+00:00:58.102432 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.102437 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.102440 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.107960 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.108069 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.108186 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.108249 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.108454 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.108571 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.108580 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.108684 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.108694 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.108807 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.108816 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.108877 AC97: Record select to left=mic, right=mic
+00:00:58.108938 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.108947 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:00:58.111546 WasAPI: Looking up or creating cache entry (caching is set to enabled, iface 0000023ddc9dad50, async init)
+00:00:58.111651 Audio: Warning: Scheduling hint of stream '[WasAPI] Output:0' is bigger (893353197573ms) than used period size (893353197568ms)
+00:01:52.216128 WasAPI: Looking up or creating cache entry (caching is set to enabled, iface 0000023ddc9dad50, async init)
+00:01:52.216202 drvHostAudioWasCacheLookupOrCreate: WasAPI: fOnWorker=false, fStaleDevice=false
+00:01:52.216214 Audio: Warning: Scheduling hint of stream '[WasAPI] Output:0' is bigger (2461016260618ms) than used period size (0ms)
+00:01:52.218889 WasAPI: Looking up or creating cache entry (caching is set to enabled, iface 0000023ddc9da300, async init)
+00:01:52.218936 Audio: Warning: Scheduling hint of stream '[WasAPI] Line-In:0' is bigger (10ms) than used period size (0ms)
+00:01:52.349834 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:01:52.349864 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:01:52.350075 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:01:52.350084 Audio Mixer: MUTING sink 'AC'97 Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:01:52.352242 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:01:52.352460 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:01:52.352678 Audio Mixer: Setting master volume of 'AC'97 Mixer' -- channel volumes: 83 83 83 83 83 83 83 83 83 83 83 83
+00:01:52.352688 Audio Mixer: Setting sink 'AC'97 Mixer/Line In' -- channel volumes: 83 83 83 83 83 83 83 83 83 83 83 83
+00:01:52.352692 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:01:52.352696 Audio Mixer: MUTING sink 'AC'97 Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:01:52.352756 Audio Mixer: Setting sink 'AC'97 Mixer/PCM Output' -- channel volumes: 55 55 55 55 55 55 55 55 55 55 55 55
+00:01:52.352827 Audio Mixer: Setting master volume of 'AC'97 Mixer' -- channel volumes: ff 83 ff ff ff ff ff ff ff ff ff ff
+00:01:52.352836 Audio Mixer: Setting sink 'AC'97 Mixer/Line In' -- channel volumes: ff 83 ff ff ff ff ff ff ff ff ff ff
+00:01:52.352841 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:01:52.352844 Audio Mixer: Setting sink 'AC'97 Mixer/PCM Output' -- channel volumes: a7 55 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7
+00:01:52.352903 Audio Mixer: Setting master volume of 'AC'97 Mixer' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff
+00:01:52.352912 Audio Mixer: Setting sink 'AC'97 Mixer/Line In' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff
+00:01:52.352916 Audio Mixer: MUTING sink 'AC'97 Mixer/Microphone In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00
+00:01:52.352920 Audio Mixer: Setting sink 'AC'97 Mixer/PCM Output' -- channel volumes: a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7
+00:01:52.352978 Audio Mixer: Setting sink 'AC'97 Mixer/PCM Output' -- channel volumes: ff a7 ff ff ff ff ff ff ff ff ff ff
+00:01:52.353044 Audio Mixer: Setting sink 'AC'97 Mixer/PCM Output' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff
diff --git a/AeThexOS_V5/Logs/VBoxHardening.log b/AeThexOS_V5/Logs/VBoxHardening.log
new file mode 100644
index 0000000..bc4c43b
--- /dev/null
+++ b/AeThexOS_V5/Logs/VBoxHardening.log
@@ -0,0 +1,4427 @@
+c5a8.9c80: \SystemRoot\System32\ntdll.dll:
+c5a8.9c80:     CreationTime:    2026-01-29T22:35:39.716023100Z
+c5a8.9c80:     LastWriteTime:   2026-01-29T22:35:40.009089100Z
+c5a8.9c80:     ChangeTime:      2026-02-05T09:04:49.647492500Z
+c5a8.9c80:     FileAttributes:  0x20
+c5a8.9c80:     Size:            0x267b80
+c5a8.9c80:     NT Headers:      0xe0
+c5a8.9c80:     Timestamp:       0xbafb00ad
+c5a8.9c80:     Machine:         0x8664 - amd64
+c5a8.9c80:     Timestamp:       0xbafb00ad
+c5a8.9c80:     Image Version:   10.0
+c5a8.9c80:     SizeOfImage:     0x268000 (2523136)
+c5a8.9c80:     Resource Dir:    0x1ec000 LB 0x7a108
+c5a8.9c80:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
+c5a8.9c80:     [Raw version resource data: 0x1ec0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
+c5a8.9c80:     ProductName:     Microsoft® Windows® Operating System
+c5a8.9c80:     ProductVersion:  10.0.26100.7705
+c5a8.9c80:     FileVersion:     10.0.26100.7705 (WinBuild.160101.0800)
+c5a8.9c80:     FileDescription: NT Layer DLL
+c5a8.9c80: \SystemRoot\System32\kernel32.dll:
+c5a8.9c80:     CreationTime:    2026-01-29T22:35:35.579009500Z
+c5a8.9c80:     LastWriteTime:   2026-01-29T22:35:35.662547000Z
+c5a8.9c80:     ChangeTime:      2026-02-05T09:04:44.827659200Z
+c5a8.9c80:     FileAttributes:  0x20
+c5a8.9c80:     Size:            0xcc218
+c5a8.9c80:     NT Headers:      0xf0
+c5a8.9c80:     Timestamp:       0x9db26d02
+c5a8.9c80:     Machine:         0x8664 - amd64
+c5a8.9c80:     Timestamp:       0x9db26d02
+c5a8.9c80:     Image Version:   10.0
+c5a8.9c80:     SizeOfImage:     0xc9000 (823296)
+c5a8.9c80:     Resource Dir:    0xc7000 LB 0x520
+c5a8.9c80:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
+c5a8.9c80:     [Raw version resource data: 0xc70b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
+c5a8.9c80:     ProductName:     Microsoft® Windows® Operating System
+c5a8.9c80:     ProductVersion:  10.0.26100.7705
+c5a8.9c80:     FileVersion:     10.0.26100.7705 (WinBuild.160101.0800)
+c5a8.9c80:     FileDescription: Windows NT BASE API Client DLL
+c5a8.9c80: \SystemRoot\System32\KernelBase.dll:
+c5a8.9c80:     CreationTime:    2026-01-29T22:35:35.618516400Z
+c5a8.9c80:     LastWriteTime:   2026-01-29T22:35:36.330801000Z
+c5a8.9c80:     ChangeTime:      2026-02-05T09:04:48.643602300Z
+c5a8.9c80:     FileAttributes:  0x20
+c5a8.9c80:     Size:            0x3f32c8
+c5a8.9c80:     NT Headers:      0x108
+c5a8.9c80:     Timestamp:       0xe31726d
+c5a8.9c80:     Machine:         0x8664 - amd64
+c5a8.9c80:     Timestamp:       0xe31726d
+c5a8.9c80:     Image Version:   10.0
+c5a8.9c80:     SizeOfImage:     0x3f1000 (4132864)
+c5a8.9c80:     Resource Dir:    0x3b7000 LB 0x548
+c5a8.9c80:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
+c5a8.9c80:     [Raw version resource data: 0x3b70b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
+c5a8.9c80:     ProductName:     Microsoft® Windows® Operating System
+c5a8.9c80:     ProductVersion:  10.0.26100.7705
+c5a8.9c80:     FileVersion:     10.0.26100.7705 (WinBuild.160101.0800)
+c5a8.9c80:     FileDescription: Windows NT BASE API Client DLL
+c5a8.9c80: \SystemRoot\System32\apisetschema.dll:
+c5a8.9c80:     CreationTime:    2026-01-29T22:35:25.488911500Z
+c5a8.9c80:     LastWriteTime:   2026-01-29T22:35:25.526592500Z
+c5a8.9c80:     ChangeTime:      2026-02-05T09:04:47.126881200Z
+c5a8.9c80:     FileAttributes:  0x20
+c5a8.9c80:     Size:            0x2f598
+c5a8.9c80:     NT Headers:      0xd8
+c5a8.9c80:     Timestamp:       0xd5983b53
+c5a8.9c80:     Machine:         0x8664 - amd64
+c5a8.9c80:     Timestamp:       0xd5983b53
+c5a8.9c80:     Image Version:   10.0
+c5a8.9c80:     SizeOfImage:     0x2e000 (188416)
+c5a8.9c80:     Resource Dir:    0x2d000 LB 0x408
+c5a8.9c80:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
+c5a8.9c80:     [Raw version resource data: 0x2d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
+c5a8.9c80:     ProductName:     Microsoft® Windows® Operating System
+c5a8.9c80:     ProductVersion:  10.0.26100.7705
+c5a8.9c80:     FileVersion:     10.0.26100.7705 (WinBuild.160101.0800)
+c5a8.9c80:     FileDescription: ApiSet Schema DLL
+c5a8.9c80: NtOpenDirectoryObject failed on \Driver: 0xc0000022
+c5a8.9c80: supR3HardenedWinFindAdversaries: 0x0
+c5a8.9c80: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
+c5a8.9c80: Calling main()
+c5a8.9c80: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
+c5a8.9c80: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
+c5a8.9c80: SUPR3HardenedMain: Respawn #1
+c5a8.9c80: System32:  \Device\HarddiskVolume3\Windows\System32
+c5a8.9c80: WinSxS:    \Device\HarddiskVolume3\Windows\WinSxS
+c5a8.9c80: KnownDllPath: C:\WINDOWS\System32
+c5a8.9c80: supR3HardenedWinInit: Performing a limited self purification...
+c5a8.9c80: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
+c5a8.9c80:  *0000000000000000-000000007ffdffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
+c5a8.9c80:   000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000
+c5a8.9c80:   000000007fff0000-0000007307c9ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *0000007307ca0000-0000007307d58fff 0x0000/0x0004 0x0020000
+c5a8.9c80:   0000007307d59000-0000007307d5bfff 0x0104/0x0004 0x0020000
+c5a8.9c80:   0000007307d5c000-0000007307d9ffff 0x0004/0x0004 0x0020000
+c5a8.9c80:   0000007307da0000-0000007307dfffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *0000007307e00000-0000007307f1dfff 0x0000/0x0004 0x0020000
+c5a8.9c80:   0000007307f1e000-0000007307f20fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   0000007307f21000-0000007307ffffff 0x0000/0x0004 0x0020000
+c5a8.9c80:   0000007308000000-000001d74c16ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000001d74c170000-000001d74c170fff 0x0004/0x0004 0x0040000
+c5a8.9c80:   000001d74c171000-000001d74c171fff 0x0000/0x0004 0x0040000
+c5a8.9c80:   000001d74c172000-000001d74c17ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000001d74c180000-000001d74c18ffff 0x0004/0x0004 0x0040000
+c5a8.9c80:  *000001d74c190000-000001d74c1b9fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   000001d74c1ba000-000001d74c1bffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000001d74c1c0000-000001d74c1c3fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   000001d74c1c4000-000001d74c1cffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000001d74c1d0000-000001d74c1d0fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   000001d74c1d1000-000001d74c1dffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000001d74c1e0000-000001d74c1e1fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   000001d74c1e2000-000001d74c1effff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000001d74c1f0000-000001d74c1f2fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   000001d74c1f3000-000001d74c1fffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000001d74c200000-000001d74c208fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   000001d74c209000-000001d74c20ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000001d74c210000-000001d74c218fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   000001d74c219000-000001d74c21ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000001d74c220000-000001d74c221fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   000001d74c222000-000001d74c22ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000001d74c230000-000001d74c232fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   000001d74c233000-000001d74c23ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000001d74c240000-000001d74c242fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   000001d74c243000-000001d74c24ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000001d74c250000-000001d74c322fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   000001d74c323000-000001d74cffffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000001d74d000000-000001d74d001fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   000001d74d002000-000001d74d0fffff 0x0000/0x0004 0x0020000
+c5a8.9c80:   000001d74d100000-000001d74d10dfff 0x0004/0x0004 0x0020000
+c5a8.9c80:   000001d74d10e000-000001d74d112fff 0x0000/0x0004 0x0020000
+c5a8.9c80:   000001d74d113000-000001d74d115fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   000001d74d116000-000001d74d1fffff 0x0000/0x0004 0x0020000
+c5a8.9c80:   000001d74d200000-000001d74d200fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   000001d74d201000-000001d74d2fffff 0x0000/0x0004 0x0020000
+c5a8.9c80:   000001d74d300000-000001d74d302fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   000001d74d303000-000001d74d3fffff 0x0000/0x0004 0x0020000
+c5a8.9c80:   000001d74d400000-000001d74d401fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   000001d74d402000-000001d74d4fffff 0x0000/0x0004 0x0020000
+c5a8.9c80:   000001d74d500000-000001d74d511fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   000001d74d512000-000001d74d512fff 0x0000/0x0004 0x0020000
+c5a8.9c80:   000001d74d513000-000001d74d52dfff 0x0004/0x0004 0x0020000
+c5a8.9c80:   000001d74d52e000-000001d74d52efff 0x0000/0x0004 0x0020000
+c5a8.9c80:   000001d74d52f000-000001d74d53efff 0x0004/0x0004 0x0020000
+c5a8.9c80:   000001d74d53f000-000001d74d547fff 0x0000/0x0004 0x0020000
+c5a8.9c80:   000001d74d548000-000001d74d548fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   000001d74d549000-000001d74dffffff 0x0000/0x0004 0x0020000
+c5a8.9c80:  *000001d74e000000-000001d74e001fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   000001d74e002000-000001d74e00ffff 0x0000/0x0004 0x0020000
+c5a8.9c80:   000001d74e010000-000001d74e277fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   000001d74e278000-000001d74effffff 0x0000/0x0004 0x0020000
+c5a8.9c80:   000001d74f000000-00007df4a129ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007df4a12a0000-00007df4a4d88fff 0x0000/0x0004 0x0020000
+c5a8.9c80:   00007df4a4d89000-00007df4a4d89fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   00007df4a4d8a000-00007df5a129ffff 0x0000/0x0004 0x0020000
+c5a8.9c80:   00007df5a12a0000-00007df5a12a0fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   00007df5a12a1000-00007df5a12bffff 0x0000/0x0004 0x0020000
+c5a8.9c80:  *00007df5a12c0000-00007df5a2728fff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007df5a2729000-00007df5a2800fff 0x0001/0x0001 0x0040000
+c5a8.9c80:   00007df5a2801000-00007df5a3095fff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007df5a3096000-00007df5a3096fff 0x0001/0x0001 0x0040000
+c5a8.9c80:   00007df5a3097000-00007ff5806cefff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007ff5806cf000-00007ff5806d3fff 0x0002/0x0001 0x0040000
+c5a8.9c80:   00007ff5806d4000-00007ff583cf9fff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007ff583cfa000-00007ff5881dafff 0x0001/0x0001 0x0040000
+c5a8.9c80:   00007ff5881db000-00007ff5881ddfff 0x0002/0x0001 0x0040000
+c5a8.9c80:   00007ff5881de000-00007ff5882aefff 0x0001/0x0001 0x0040000
+c5a8.9c80:   00007ff5882af000-00007ff5882bffff 0x0002/0x0001 0x0040000
+c5a8.9c80:   00007ff5882c0000-00007ff588302fff 0x0001/0x0001 0x0040000
+c5a8.9c80:   00007ff588303000-00007ff588306fff 0x0002/0x0001 0x0040000
+c5a8.9c80:   00007ff588307000-00007ff58838afff 0x0001/0x0001 0x0040000
+c5a8.9c80:   00007ff58838b000-00007ff588394fff 0x0002/0x0001 0x0040000
+c5a8.9c80:   00007ff588395000-00007ff5a12bffff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007ff5a12c0000-00007ff5ecdbffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007ff5ecdc0000-00007ff5ecdc4fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   00007ff5ecdc5000-00007ff5ecebffff 0x0000/0x0002 0x0040000
+c5a8.9c80:  *00007ff5ecec0000-00007ff5ecf34fff 0x0000/0x0004 0x0020000
+c5a8.9c80:   00007ff5ecf35000-00007ff5ecf35fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   00007ff5ecf36000-00007ff5eeebffff 0x0000/0x0004 0x0020000
+c5a8.9c80:   00007ff5eeec0000-00007ff5eeec0fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   00007ff5eeec1000-00007ff5eeecffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007ff5eeed0000-00007ff5eeed0fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   00007ff5eeed1000-00007ff7d03bffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007ff7d03c0000-00007ff7d03c0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d03c1000-00007ff7d042bfff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d042c000-00007ff7d042cfff 0x0080/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d042d000-00007ff7d0481fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d0482000-00007ff7d0484fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d0485000-00007ff7d0488fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d0489000-00007ff7d048dfff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d048e000-00007ff7d048efff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d048f000-00007ff7d04c9fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d04ca000-00007ff9bc6cffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007ff9bc6d0000-00007ff9bc6d0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\apphelp.dll
+c5a8.9c80:   00007ff9bc6d1000-00007ff9bc729fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\apphelp.dll
+c5a8.9c80:   00007ff9bc72a000-00007ff9bc74ffff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\apphelp.dll
+c5a8.9c80:   00007ff9bc750000-00007ff9bc751fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\apphelp.dll
+c5a8.9c80:   00007ff9bc752000-00007ff9bc76dfff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\apphelp.dll
+c5a8.9c80:   00007ff9bc76e000-00007ff9bfbcffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007ff9bfbd0000-00007ff9bfbd0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
+c5a8.9c80:   00007ff9bfbd1000-00007ff9bfd75fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
+c5a8.9c80:   00007ff9bfd76000-00007ff9bff67fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
+c5a8.9c80:   00007ff9bff68000-00007ff9bff6bfff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
+c5a8.9c80:   00007ff9bff6c000-00007ff9bff6cfff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
+c5a8.9c80:   00007ff9bff6d000-00007ff9bff70fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
+c5a8.9c80:   00007ff9bff71000-00007ff9bff71fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
+c5a8.9c80:   00007ff9bff72000-00007ff9bff72fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
+c5a8.9c80:   00007ff9bff73000-00007ff9bffc0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
+c5a8.9c80:   00007ff9bffc1000-00007ff9c10effff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007ff9c10f0000-00007ff9c10f0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\kernel32.dll
+c5a8.9c80:   00007ff9c10f1000-00007ff9c1176fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\kernel32.dll
+c5a8.9c80:   00007ff9c1177000-00007ff9c11aefff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\kernel32.dll
+c5a8.9c80:   00007ff9c11af000-00007ff9c11b0fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\kernel32.dll
+c5a8.9c80:   00007ff9c11b1000-00007ff9c11b8fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\kernel32.dll
+c5a8.9c80:   00007ff9c11b9000-00007ff9c32bffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007ff9c32c0000-00007ff9c32c0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c32c1000-00007ff9c3432fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c3433000-00007ff9c348bfff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c348c000-00007ff9c3495fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c3496000-00007ff9c3527fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c3528000-00007ffffffeffff 0x0001/0x0000 0x0000000
+c5a8.9c80: kernel32.dll: timestamp 0x9db26d02 (rc=VINF_SUCCESS)
+c5a8.9c80: kernelbase.dll: timestamp 0xe31726d (rc=VINF_SUCCESS)
+c5a8.9c80: apphelp.dll: timestamp 0xc3f48efd (rc=VINF_SUCCESS)
+c5a8.9c80: VirtualBoxVM.exe: timestamp 0x68f21b4f (rc=VINF_SUCCESS)
+c5a8.9c80: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
+c5a8.9c80: VirtualBoxVM.exe: Differences in section #7 (.00cfg) between file and memory:
+c5a8.9c80:   00007ff7d0496000 / 0x00d6000: 50 != 30
+c5a8.9c80:   00007ff7d0496001 / 0x00d6001: e9 != 16
+c5a8.9c80:   00007ff7d0496002 / 0x00d6002: 3d != 3e
+c5a8.9c80:   00007ff7d0496003 / 0x00d6003: d0 != c3
+c5a8.9c80:   00007ff7d0496004 / 0x00d6004: f7 != f9
+c5a8.9c80:   00007ff7d0496008 / 0x00d6008: 50 != 30
+c5a8.9c80:   00007ff7d0496009 / 0x00d6009: e9 != 16
+c5a8.9c80:   00007ff7d049600a / 0x00d600a: 3d != 3e
+c5a8.9c80:   00007ff7d049600b / 0x00d600b: d0 != c3
+c5a8.9c80:   00007ff7d049600c / 0x00d600c: f7 != f9
+c5a8.9c80:   00007ff7d0496010 / 0x00d6010: a0 != d0
+c5a8.9c80:   00007ff7d0496011 / 0x00d6011: bc != 16
+c5a8.9c80:   00007ff7d0496012 / 0x00d6012: 42 != 3e
+c5a8.9c80:   00007ff7d0496013 / 0x00d6013: d0 != c3
+c5a8.9c80:   00007ff7d0496014 / 0x00d6014: f7 != f9
+c5a8.9c80:   00007ff7d0496018 / 0x00d6018: c0 != d0
+c5a8.9c80:   00007ff7d0496019 / 0x00d6019: bc != 16
+c5a8.9c80:   00007ff7d049601a / 0x00d601a: 42 != 3e
+c5a8.9c80:   00007ff7d049601b / 0x00d601b: d0 != c3
+c5a8.9c80:   00007ff7d049601c / 0x00d601c: f7 != f9
+c5a8.9c80:   00007ff7d0496020 / 0x00d6020: c0 != d0
+c5a8.9c80:   00007ff7d0496021 / 0x00d6021: bc != 16
+c5a8.9c80:   00007ff7d0496022 / 0x00d6022: 42 != 3e
+c5a8.9c80:   00007ff7d0496023 / 0x00d6023: d0 != c3
+c5a8.9c80:   00007ff7d0496024 / 0x00d6024: f7 != f9
+c5a8.9c80:   Restored 0x30 bytes of original file content at 00007ff7d0496000
+c5a8.9c80: VirtualBoxVM.exe: Differences in section #8 (.rsrc) between file and memory:
+c5a8.9c80:   00007ff7d04c7b70 / 0x0107b70: 00 != 50
+c5a8.9c80:   00007ff7d04c7b71 / 0x0107b71: 00 != 41
+c5a8.9c80:   00007ff7d04c7b72 / 0x0107b72: 00 != 44
+c5a8.9c80:   00007ff7d04c7b73 / 0x0107b73: 00 != 44
+c5a8.9c80:   00007ff7d04c7b74 / 0x0107b74: 00 != 49
+c5a8.9c80:   00007ff7d04c7b75 / 0x0107b75: 00 != 4e
+c5a8.9c80:   00007ff7d04c7b76 / 0x0107b76: 00 != 47
+c5a8.9c80:   00007ff7d04c7b77 / 0x0107b77: 00 != 58
+c5a8.9c80:   00007ff7d04c7b78 / 0x0107b78: 00 != 58
+c5a8.9c80:   00007ff7d04c7b79 / 0x0107b79: 00 != 50
+c5a8.9c80:   00007ff7d04c7b7a / 0x0107b7a: 00 != 41
+c5a8.9c80:   00007ff7d04c7b7b / 0x0107b7b: 00 != 44
+c5a8.9c80:   00007ff7d04c7b7c / 0x0107b7c: 00 != 44
+c5a8.9c80:   00007ff7d04c7b7d / 0x0107b7d: 00 != 49
+c5a8.9c80:   00007ff7d04c7b7e / 0x0107b7e: 00 != 4e
+c5a8.9c80:   00007ff7d04c7b7f / 0x0107b7f: 00 != 47
+c5a8.9c80:   00007ff7d04c7b80 / 0x0107b80: 00 != 50
+c5a8.9c80:   00007ff7d04c7b81 / 0x0107b81: 00 != 41
+c5a8.9c80:   00007ff7d04c7b82 / 0x0107b82: 00 != 44
+c5a8.9c80:   00007ff7d04c7b83 / 0x0107b83: 00 != 44
+c5a8.9c80:   00007ff7d04c7b84 / 0x0107b84: 00 != 49
+c5a8.9c80:   00007ff7d04c7b85 / 0x0107b85: 00 != 4e
+c5a8.9c80:   00007ff7d04c7b86 / 0x0107b86: 00 != 47
+c5a8.9c80:   00007ff7d04c7b87 / 0x0107b87: 00 != 58
+c5a8.9c80:   00007ff7d04c7b88 / 0x0107b88: 00 != 58
+c5a8.9c80:   00007ff7d04c7b89 / 0x0107b89: 00 != 50
+c5a8.9c80:   00007ff7d04c7b8a / 0x0107b8a: 00 != 41
+c5a8.9c80:   00007ff7d04c7b8b / 0x0107b8b: 00 != 44
+c5a8.9c80:   00007ff7d04c7b8c / 0x0107b8c: 00 != 44
+c5a8.9c80:   00007ff7d04c7b8d / 0x0107b8d: 00 != 49
+c5a8.9c80:   00007ff7d04c7b8e / 0x0107b8e: 00 != 4e
+c5a8.9c80:   00007ff7d04c7b8f / 0x0107b8f: 00 != 47
+c5a8.9c80:   00007ff7d04c7b90 / 0x0107b90: 00 != 50
+c5a8.9c80:   00007ff7d04c7b91 / 0x0107b91: 00 != 41
+c5a8.9c80:   00007ff7d04c7b92 / 0x0107b92: 00 != 44
+c5a8.9c80:   00007ff7d04c7b93 / 0x0107b93: 00 != 44
+c5a8.9c80:   00007ff7d04c7b94 / 0x0107b94: 00 != 49
+c5a8.9c80:   00007ff7d04c7b95 / 0x0107b95: 00 != 4e
+c5a8.9c80:   00007ff7d04c7b96 / 0x0107b96: 00 != 47
+c5a8.9c80:   00007ff7d04c7b97 / 0x0107b97: 00 != 58
+c5a8.9c80:   00007ff7d04c7b98 / 0x0107b98: 00 != 58
+c5a8.9c80:   00007ff7d04c7b99 / 0x0107b99: 00 != 50
+c5a8.9c80:   00007ff7d04c7b9a / 0x0107b9a: 00 != 41
+c5a8.9c80:   00007ff7d04c7b9b / 0x0107b9b: 00 != 44
+c5a8.9c80:   00007ff7d04c7b9c / 0x0107b9c: 00 != 44
+c5a8.9c80:   00007ff7d04c7b9d / 0x0107b9d: 00 != 49
+c5a8.9c80:   00007ff7d04c7b9e / 0x0107b9e: 00 != 4e
+c5a8.9c80:   00007ff7d04c7b9f / 0x0107b9f: 00 != 47
+c5a8.9c80:   00007ff7d04c7ba0 / 0x0107ba0: 00 != 50
+c5a8.9c80:   00007ff7d04c7ba1 / 0x0107ba1: 00 != 41
+c5a8.9c80:   00007ff7d04c7ba2 / 0x0107ba2: 00 != 44
+c5a8.9c80:   00007ff7d04c7ba3 / 0x0107ba3: 00 != 44
+c5a8.9c80:   00007ff7d04c7ba4 / 0x0107ba4: 00 != 49
+c5a8.9c80:   00007ff7d04c7ba5 / 0x0107ba5: 00 != 4e
+c5a8.9c80:   00007ff7d04c7ba6 / 0x0107ba6: 00 != 47
+c5a8.9c80:   00007ff7d04c7ba7 / 0x0107ba7: 00 != 58
+c5a8.9c80:   00007ff7d04c7ba8 / 0x0107ba8: 00 != 58
+c5a8.9c80:   00007ff7d04c7ba9 / 0x0107ba9: 00 != 50
+c5a8.9c80:   00007ff7d04c7baa / 0x0107baa: 00 != 41
+c5a8.9c80:   00007ff7d04c7bab / 0x0107bab: 00 != 44
+c5a8.9c80:   00007ff7d04c7bac / 0x0107bac: 00 != 44
+c5a8.9c80:   00007ff7d04c7bad / 0x0107bad: 00 != 49
+c5a8.9c80:   00007ff7d04c7bae / 0x0107bae: 00 != 4e
+c5a8.9c80:   00007ff7d04c7baf / 0x0107baf: 00 != 47
+c5a8.9c80:   00007ff7d04c7bb0 / 0x0107bb0: 00 != 50
+c5a8.9c80:   00007ff7d04c7bb1 / 0x0107bb1: 00 != 41
+c5a8.9c80:   00007ff7d04c7bb2 / 0x0107bb2: 00 != 44
+c5a8.9c80:   00007ff7d04c7bb3 / 0x0107bb3: 00 != 44
+c5a8.9c80:   00007ff7d04c7bb4 / 0x0107bb4: 00 != 49
+c5a8.9c80:   00007ff7d04c7bb5 / 0x0107bb5: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bb6 / 0x0107bb6: 00 != 47
+c5a8.9c80:   00007ff7d04c7bb7 / 0x0107bb7: 00 != 58
+c5a8.9c80:   00007ff7d04c7bb8 / 0x0107bb8: 00 != 58
+c5a8.9c80:   00007ff7d04c7bb9 / 0x0107bb9: 00 != 50
+c5a8.9c80:   00007ff7d04c7bba / 0x0107bba: 00 != 41
+c5a8.9c80:   00007ff7d04c7bbb / 0x0107bbb: 00 != 44
+c5a8.9c80:   00007ff7d04c7bbc / 0x0107bbc: 00 != 44
+c5a8.9c80:   00007ff7d04c7bbd / 0x0107bbd: 00 != 49
+c5a8.9c80:   00007ff7d04c7bbe / 0x0107bbe: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bbf / 0x0107bbf: 00 != 47
+c5a8.9c80:   00007ff7d04c7bc0 / 0x0107bc0: 00 != 50
+c5a8.9c80:   00007ff7d04c7bc1 / 0x0107bc1: 00 != 41
+c5a8.9c80:   00007ff7d04c7bc2 / 0x0107bc2: 00 != 44
+c5a8.9c80:   00007ff7d04c7bc3 / 0x0107bc3: 00 != 44
+c5a8.9c80:   00007ff7d04c7bc4 / 0x0107bc4: 00 != 49
+c5a8.9c80:   00007ff7d04c7bc5 / 0x0107bc5: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bc6 / 0x0107bc6: 00 != 47
+c5a8.9c80:   00007ff7d04c7bc7 / 0x0107bc7: 00 != 58
+c5a8.9c80:   00007ff7d04c7bc8 / 0x0107bc8: 00 != 58
+c5a8.9c80:   00007ff7d04c7bc9 / 0x0107bc9: 00 != 50
+c5a8.9c80:   00007ff7d04c7bca / 0x0107bca: 00 != 41
+c5a8.9c80:   00007ff7d04c7bcb / 0x0107bcb: 00 != 44
+c5a8.9c80:   00007ff7d04c7bcc / 0x0107bcc: 00 != 44
+c5a8.9c80:   00007ff7d04c7bcd / 0x0107bcd: 00 != 49
+c5a8.9c80:   00007ff7d04c7bce / 0x0107bce: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bcf / 0x0107bcf: 00 != 47
+c5a8.9c80:   00007ff7d04c7bd0 / 0x0107bd0: 00 != 50
+c5a8.9c80:   00007ff7d04c7bd1 / 0x0107bd1: 00 != 41
+c5a8.9c80:   00007ff7d04c7bd2 / 0x0107bd2: 00 != 44
+c5a8.9c80:   00007ff7d04c7bd3 / 0x0107bd3: 00 != 44
+c5a8.9c80:   00007ff7d04c7bd4 / 0x0107bd4: 00 != 49
+c5a8.9c80:   00007ff7d04c7bd5 / 0x0107bd5: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bd6 / 0x0107bd6: 00 != 47
+c5a8.9c80:   00007ff7d04c7bd7 / 0x0107bd7: 00 != 58
+c5a8.9c80:   00007ff7d04c7bd8 / 0x0107bd8: 00 != 58
+c5a8.9c80:   00007ff7d04c7bd9 / 0x0107bd9: 00 != 50
+c5a8.9c80:   00007ff7d04c7bda / 0x0107bda: 00 != 41
+c5a8.9c80:   00007ff7d04c7bdb / 0x0107bdb: 00 != 44
+c5a8.9c80:   00007ff7d04c7bdc / 0x0107bdc: 00 != 44
+c5a8.9c80:   00007ff7d04c7bdd / 0x0107bdd: 00 != 49
+c5a8.9c80:   00007ff7d04c7bde / 0x0107bde: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bdf / 0x0107bdf: 00 != 47
+c5a8.9c80:   00007ff7d04c7be0 / 0x0107be0: 00 != 50
+c5a8.9c80:   00007ff7d04c7be1 / 0x0107be1: 00 != 41
+c5a8.9c80:   00007ff7d04c7be2 / 0x0107be2: 00 != 44
+c5a8.9c80:   00007ff7d04c7be3 / 0x0107be3: 00 != 44
+c5a8.9c80:   00007ff7d04c7be4 / 0x0107be4: 00 != 49
+c5a8.9c80:   00007ff7d04c7be5 / 0x0107be5: 00 != 4e
+c5a8.9c80:   00007ff7d04c7be6 / 0x0107be6: 00 != 47
+c5a8.9c80:   00007ff7d04c7be7 / 0x0107be7: 00 != 58
+c5a8.9c80:   00007ff7d04c7be8 / 0x0107be8: 00 != 58
+c5a8.9c80:   00007ff7d04c7be9 / 0x0107be9: 00 != 50
+c5a8.9c80:   00007ff7d04c7bea / 0x0107bea: 00 != 41
+c5a8.9c80:   00007ff7d04c7beb / 0x0107beb: 00 != 44
+c5a8.9c80:   00007ff7d04c7bec / 0x0107bec: 00 != 44
+c5a8.9c80:   00007ff7d04c7bed / 0x0107bed: 00 != 49
+c5a8.9c80:   00007ff7d04c7bee / 0x0107bee: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bef / 0x0107bef: 00 != 47
+c5a8.9c80:   00007ff7d04c7bf0 / 0x0107bf0: 00 != 50
+c5a8.9c80:   00007ff7d04c7bf1 / 0x0107bf1: 00 != 41
+c5a8.9c80:   00007ff7d04c7bf2 / 0x0107bf2: 00 != 44
+c5a8.9c80:   00007ff7d04c7bf3 / 0x0107bf3: 00 != 44
+c5a8.9c80:   00007ff7d04c7bf4 / 0x0107bf4: 00 != 49
+c5a8.9c80:   00007ff7d04c7bf5 / 0x0107bf5: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bf6 / 0x0107bf6: 00 != 47
+c5a8.9c80:   00007ff7d04c7bf7 / 0x0107bf7: 00 != 58
+c5a8.9c80:   00007ff7d04c7bf8 / 0x0107bf8: 00 != 58
+c5a8.9c80:   00007ff7d04c7bf9 / 0x0107bf9: 00 != 50
+c5a8.9c80:   00007ff7d04c7bfa / 0x0107bfa: 00 != 41
+c5a8.9c80:   00007ff7d04c7bfb / 0x0107bfb: 00 != 44
+c5a8.9c80:   00007ff7d04c7bfc / 0x0107bfc: 00 != 44
+c5a8.9c80:   00007ff7d04c7bfd / 0x0107bfd: 00 != 49
+c5a8.9c80:   00007ff7d04c7bfe / 0x0107bfe: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bff / 0x0107bff: 00 != 47
+c5a8.9c80:   Restored 0x490 bytes of original file content at 00007ff7d04c7b70
+c5a8.9c80: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
+c5a8.9c80: ntdll.dll: Differences in section #13 (.00cfg) between file and memory:
+c5a8.9c80:   00007ff9c34ab000 / 0x01eb000: 10 != d0
+c5a8.9c80:   00007ff9c34ab001 / 0x01eb001: 71 != 16
+c5a8.9c80:   00007ff9c34ab002 / 0x01eb002: 42 != 3e
+c5a8.9c80:   00007ff9c34ab008 / 0x01eb008: 60 != 30
+c5a8.9c80:   00007ff9c34ab009 / 0x01eb009: c3 != 16
+c5a8.9c80:   00007ff9c34ab00a / 0x01eb00a: 3b != 3e
+c5a8.9c80:   00007ff9c34ab010 / 0x01eb010: 40 != d0
+c5a8.9c80:   00007ff9c34ab011 / 0x01eb011: 71 != 16
+c5a8.9c80:   00007ff9c34ab012 / 0x01eb012: 42 != 3e
+c5a8.9c80:   00007ff9c34ab018 / 0x01eb018: 40 != d0
+c5a8.9c80:   00007ff9c34ab019 / 0x01eb019: 71 != 16
+c5a8.9c80:   00007ff9c34ab01a / 0x01eb01a: 42 != 3e
+c5a8.9c80:   Restored 0x28 bytes of original file content at 00007ff9c34ab000
+c5a8.9c80: kernel32.dll: Differences in section #3 (.rdata) between file and memory:
+c5a8.9c80:   00007ff9c117ba10 / 0x008ba10: c0 != 30
+c5a8.9c80:   00007ff9c117ba11 / 0x008ba11: 85 != 16
+c5a8.9c80:   00007ff9c117ba12 / 0x008ba12: 14 != 3e
+c5a8.9c80:   00007ff9c117ba13 / 0x008ba13: c1 != c3
+c5a8.9c80:   00007ff9c117ba18 / 0x008ba18: 80 != d0
+c5a8.9c80:   00007ff9c117ba19 / 0x008ba19: 43 != 16
+c5a8.9c80:   00007ff9c117ba1a / 0x008ba1a: 17 != 3e
+c5a8.9c80:   00007ff9c117ba1b / 0x008ba1b: c1 != c3
+c5a8.9c80:   00007ff9c117ba20 / 0x008ba20: c0 != 30
+c5a8.9c80:   00007ff9c117ba21 / 0x008ba21: 85 != 16
+c5a8.9c80:   00007ff9c117ba22 / 0x008ba22: 14 != 3e
+c5a8.9c80:   00007ff9c117ba23 / 0x008ba23: c1 != c3
+c5a8.9c80:   00007ff9c117ba28 / 0x008ba28: b0 != d0
+c5a8.9c80:   00007ff9c117ba29 / 0x008ba29: 43 != 16
+c5a8.9c80:   00007ff9c117ba2a / 0x008ba2a: 17 != 3e
+c5a8.9c80:   00007ff9c117ba2b / 0x008ba2b: c1 != c3
+c5a8.9c80:   00007ff9c117ba30 / 0x008ba30: b0 != d0
+c5a8.9c80:   00007ff9c117ba31 / 0x008ba31: 43 != 16
+c5a8.9c80:   00007ff9c117ba32 / 0x008ba32: 17 != 3e
+c5a8.9c80:   00007ff9c117ba33 / 0x008ba33: c1 != c3
+c5a8.9c80:   Restored 0x2000 bytes of original file content at 00007ff9c117b000
+c5a8.9c80: kernelbase.dll: Differences in section #3 (.rdata) between file and memory:
+c5a8.9c80:   00007ff9bfe61d90 / 0x0291d90: 70 != 30
+c5a8.9c80:   00007ff9bfe61d91 / 0x0291d91: 42 != 16
+c5a8.9c80:   00007ff9bfe61d92 / 0x0291d92: cf != 3e
+c5a8.9c80:   00007ff9bfe61d93 / 0x0291d93: bf != c3
+c5a8.9c80:   00007ff9bfe61d98 / 0x0291d98: e0 != d0
+c5a8.9c80:   00007ff9bfe61d99 / 0x0291d99: 26 != 16
+c5a8.9c80:   00007ff9bfe61d9a / 0x0291d9a: d6 != 3e
+c5a8.9c80:   00007ff9bfe61d9b / 0x0291d9b: bf != c3
+c5a8.9c80:   00007ff9bfe61da0 / 0x0291da0: 70 != 30
+c5a8.9c80:   00007ff9bfe61da1 / 0x0291da1: 42 != 16
+c5a8.9c80:   00007ff9bfe61da2 / 0x0291da2: cf != 3e
+c5a8.9c80:   00007ff9bfe61da3 / 0x0291da3: bf != c3
+c5a8.9c80:   00007ff9bfe61da8 / 0x0291da8: 10 != d0
+c5a8.9c80:   00007ff9bfe61da9 / 0x0291da9: 27 != 16
+c5a8.9c80:   00007ff9bfe61daa / 0x0291daa: d6 != 3e
+c5a8.9c80:   00007ff9bfe61dab / 0x0291dab: bf != c3
+c5a8.9c80:   00007ff9bfe61db0 / 0x0291db0: 10 != d0
+c5a8.9c80:   00007ff9bfe61db1 / 0x0291db1: 27 != 16
+c5a8.9c80:   00007ff9bfe61db2 / 0x0291db2: d6 != 3e
+c5a8.9c80:   00007ff9bfe61db3 / 0x0291db3: bf != c3
+c5a8.9c80:   Restored 0x2000 bytes of original file content at 00007ff9bfe60000
+c5a8.9c80: apphelp.dll: Differences in section #3 (.rdata) between file and memory:
+c5a8.9c80:   00007ff9bc72c4d0 / 0x005c4d0: 40 != e0
+c5a8.9c80:   00007ff9bc72c4d1 / 0x005c4d1: 7b != 36
+c5a8.9c80:   00007ff9bc72c4d2 / 0x005c4d2: cd != 11
+c5a8.9c80:   00007ff9bc72c4d3 / 0x005c4d3: bf != c1
+c5a8.9c80:   00007ff9bc72c4d8 / 0x005c4d8: 00 != d0
+c5a8.9c80:   00007ff9bc72c4d9 / 0x005c4d9: 01 != 82
+c5a8.9c80:   00007ff9bc72c4da / 0x005c4da: ca != 12
+c5a8.9c80:   00007ff9bc72c4db / 0x005c4db: bf != c1
+c5a8.9c80:   00007ff9bc72c4e0 / 0x005c4e0: b0 != 80
+c5a8.9c80:   00007ff9bc72c4e1 / 0x005c4e1: f9 != c6
+c5a8.9c80:   00007ff9bc72c4e2 / 0x005c4e2: c7 != 12
+c5a8.9c80:   00007ff9bc72c4e3 / 0x005c4e3: bf != c1
+c5a8.9c80:   00007ff9bc72c4e8 / 0x005c4e8: 50 != 70
+c5a8.9c80:   00007ff9bc72c4e9 / 0x005c4e9: 96 != 49
+c5a8.9c80:   00007ff9bc72c4ea / 0x005c4ea: cf != 11
+c5a8.9c80:   00007ff9bc72c4eb / 0x005c4eb: bf != c1
+c5a8.9c80:   00007ff9bc72c4f1 / 0x005c4f1: 6d != 52
+c5a8.9c80:   00007ff9bc72c4f2 / 0x005c4f2: c9 != 12
+c5a8.9c80:   00007ff9bc72c4f3 / 0x005c4f3: bf != c1
+c5a8.9c80:   00007ff9bc72c4f8 / 0x005c4f8: 50 != a0
+c5a8.9c80:   00007ff9bc72c4f9 / 0x005c4f9: 60 != 25
+c5a8.9c80:   00007ff9bc72c4fa / 0x005c4fa: cd != 13
+c5a8.9c80:   00007ff9bc72c4fb / 0x005c4fb: bf != c1
+c5a8.9c80:   00007ff9bc72c500 / 0x005c500: c0 != 20
+c5a8.9c80:   00007ff9bc72c501 / 0x005c501: 70 != 86
+c5a8.9c80:   00007ff9bc72c502 / 0x005c502: c5 != 10
+c5a8.9c80:   00007ff9bc72c503 / 0x005c503: bf != c1
+c5a8.9c80:   00007ff9bc72c510 / 0x005c510: c0 != 50
+c5a8.9c80:   00007ff9bc72c511 / 0x005c511: 38 != 3c
+c5a8.9c80:   00007ff9bc72c512 / 0x005c512: c1 != 12
+c5a8.9c80:   00007ff9bc72c513 / 0x005c513: bf != c1
+c5a8.9c80:   00007ff9bc72cb10 / 0x005cb10: f0 != 30
+c5a8.9c80:   00007ff9bc72cb11 / 0x005cb11: 7c != 16
+c5a8.9c80:   00007ff9bc72cb12 / 0x005cb12: 70 != 3e
+c5a8.9c80:   00007ff9bc72cb13 / 0x005cb13: bc != c3
+c5a8.9c80:   00007ff9bc72cb18 / 0x005cb18: 00 != d0
+c5a8.9c80:   00007ff9bc72cb19 / 0x005cb19: 8c != 16
+c5a8.9c80:   00007ff9bc72cb1a / 0x005cb1a: 72 != 3e
+c5a8.9c80:   00007ff9bc72cb1b / 0x005cb1b: bc != c3
+c5a8.9c80:   00007ff9bc72cb20 / 0x005cb20: f0 != 30
+c5a8.9c80:   00007ff9bc72cb21 / 0x005cb21: 7c != 16
+c5a8.9c80:   00007ff9bc72cb22 / 0x005cb22: 70 != 3e
+c5a8.9c80:   00007ff9bc72cb23 / 0x005cb23: bc != c3
+c5a8.9c80:   00007ff9bc72cb28 / 0x005cb28: 30 != d0
+c5a8.9c80:   00007ff9bc72cb29 / 0x005cb29: 8c != 16
+c5a8.9c80:   00007ff9bc72cb2a / 0x005cb2a: 72 != 3e
+c5a8.9c80:   00007ff9bc72cb2b / 0x005cb2b: bc != c3
+c5a8.9c80:   00007ff9bc72cb30 / 0x005cb30: 30 != d0
+c5a8.9c80:   00007ff9bc72cb31 / 0x005cb31: 8c != 16
+c5a8.9c80:   00007ff9bc72cb32 / 0x005cb32: 72 != 3e
+c5a8.9c80:   00007ff9bc72cb33 / 0x005cb33: bc != c3
+c5a8.9c80:   Restored 0x2000 bytes of original file content at 00007ff9bc72c000
+c5a8.9c80: supHardNtVpCheckHandles:
+c5a8.9c80: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=6
+c5a8.9c80: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
+c5a8.9c80: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
+c5a8.9c80: supR3HardNtEnableThreadCreationEx:
+c5a8.9c80: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff9c33ab0a0 pvNtTerminateThread=00007ff9c34224a0 g_LdrInitThunkSelfBackup.cb=10
+c5a8.9c80: supR3HardenedWinDoReSpawn(1): New child ddbc.90b4 [kernel32].
+c5a8.9c80: supR3HardNtChildGatherData: PebBaseAddress=0000004312e83000 cbPeb=0x388
+c5a8.9c80: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff9c32c0000 uNtDllChildAddr=00007ff9c32c0000
+c5a8.9c80: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff9c33ab0a0
+c5a8.9c80: supR3HardenedWinSetupChildInit: Initial context:
+  rax=0000000000000000 rbx=0000000000000000 rcx=00007ff7d03cb8e0 rdx=0000004312e83000
+  rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
+  r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
+  r14=0000000000000000 r15=0000000000000000  P1=0000000000000000  P2=0000000000000000
+  rip=00007ff9c334c3e0 rsp=00000043130ffa48 rbp=0000000000000000    ctxflags=0010001b
+  cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000    eflags=00000200   mxcrx=00001f80
+   P3=0000000000000000  P4=0000000000000000  P5=0000000000000000  P6=0000000000000000
+  dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
+  dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
+  lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
+c5a8.9c80: supR3HardenedWinSetupChildInit: Start child.
+c5a8.9c80: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
+c5a8.9c80: supR3HardNtChildPurify: Startup delay kludge #1/0: 267 ms, 17 sleeps
+c5a8.9c80: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
+c5a8.9c80:  *0000000000000000-000000007ffdffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
+c5a8.9c80:   000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000
+c5a8.9c80:   000000007fff0000-0000004312dfffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *0000004312e00000-0000004312e82fff 0x0000/0x0004 0x0020000
+c5a8.9c80:   0000004312e83000-0000004312e85fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   0000004312e86000-0000004312ffffff 0x0000/0x0004 0x0020000
+c5a8.9c80:  *0000004313000000-00000043130fafff 0x0000/0x0004 0x0020000
+c5a8.9c80:   00000043130fb000-00000043130fdfff 0x0104/0x0004 0x0020000
+c5a8.9c80:   00000043130fe000-00000043130fffff 0x0004/0x0004 0x0020000
+c5a8.9c80:   0000004313100000-00000229f4d3ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00000229f4d40000-00000229f4d5ffff 0x0004/0x0004 0x0020000
+c5a8.9c80:  *00000229f4d60000-00000229f4d89fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   00000229f4d8a000-00000229f4d8ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00000229f4d90000-00000229f4d93fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   00000229f4d94000-00000229f4d9ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00000229f4da0000-00000229f4da0fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   00000229f4da1000-00000229f4daffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00000229f4db0000-00000229f4db1fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   00000229f4db2000-00007df5a12affff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007df5a12b0000-00007df5a12b0fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   00007df5a12b1000-00007df5a12bffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007df5a12c0000-00007df5a2728fff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007df5a2729000-00007df5a2800fff 0x0001/0x0001 0x0040000
+c5a8.9c80:   00007df5a2801000-00007df5a3095fff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007df5a3096000-00007df5a3096fff 0x0001/0x0001 0x0040000
+c5a8.9c80:   00007df5a3097000-00007ff5806cefff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007ff5806cf000-00007ff5806d3fff 0x0002/0x0001 0x0040000
+c5a8.9c80:   00007ff5806d4000-00007ff583cf9fff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007ff583cfa000-00007ff58838afff 0x0001/0x0001 0x0040000
+c5a8.9c80:   00007ff58838b000-00007ff588394fff 0x0002/0x0001 0x0040000
+c5a8.9c80:   00007ff588395000-00007ff5a12bffff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007ff5a12c0000-00007ff7d03bffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007ff7d03c0000-00007ff7d03c0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d03c1000-00007ff7d042bfff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d042c000-00007ff7d042cfff 0x0080/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d042d000-00007ff7d0481fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d0482000-00007ff7d0482fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d0483000-00007ff7d0483fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d0484000-00007ff7d0489fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d048a000-00007ff7d048efff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d048f000-00007ff7d04c9fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d04ca000-00007ff9c32bffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007ff9c32c0000-00007ff9c32c0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c32c1000-00007ff9c3432fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c3433000-00007ff9c348bfff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c348c000-00007ff9c3495fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c3496000-00007ff9c34a6fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c34a7000-00007ff9c34a9fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c34aa000-00007ff9c34aafff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c34ab000-00007ff9c3527fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c3528000-00007ffffffeffff 0x0001/0x0000 0x0000000
+c5a8.9c80: VirtualBoxVM.exe: Differences in section #8 (.rsrc) between file and memory:
+c5a8.9c80:   00007ff7d04c7b70 / 0x0107b70: 00 != 50
+c5a8.9c80:   00007ff7d04c7b71 / 0x0107b71: 00 != 41
+c5a8.9c80:   00007ff7d04c7b72 / 0x0107b72: 00 != 44
+c5a8.9c80:   00007ff7d04c7b73 / 0x0107b73: 00 != 44
+c5a8.9c80:   00007ff7d04c7b74 / 0x0107b74: 00 != 49
+c5a8.9c80:   00007ff7d04c7b75 / 0x0107b75: 00 != 4e
+c5a8.9c80:   00007ff7d04c7b76 / 0x0107b76: 00 != 47
+c5a8.9c80:   00007ff7d04c7b77 / 0x0107b77: 00 != 58
+c5a8.9c80:   00007ff7d04c7b78 / 0x0107b78: 00 != 58
+c5a8.9c80:   00007ff7d04c7b79 / 0x0107b79: 00 != 50
+c5a8.9c80:   00007ff7d04c7b7a / 0x0107b7a: 00 != 41
+c5a8.9c80:   00007ff7d04c7b7b / 0x0107b7b: 00 != 44
+c5a8.9c80:   00007ff7d04c7b7c / 0x0107b7c: 00 != 44
+c5a8.9c80:   00007ff7d04c7b7d / 0x0107b7d: 00 != 49
+c5a8.9c80:   00007ff7d04c7b7e / 0x0107b7e: 00 != 4e
+c5a8.9c80:   00007ff7d04c7b7f / 0x0107b7f: 00 != 47
+c5a8.9c80:   00007ff7d04c7b80 / 0x0107b80: 00 != 50
+c5a8.9c80:   00007ff7d04c7b81 / 0x0107b81: 00 != 41
+c5a8.9c80:   00007ff7d04c7b82 / 0x0107b82: 00 != 44
+c5a8.9c80:   00007ff7d04c7b83 / 0x0107b83: 00 != 44
+c5a8.9c80:   00007ff7d04c7b84 / 0x0107b84: 00 != 49
+c5a8.9c80:   00007ff7d04c7b85 / 0x0107b85: 00 != 4e
+c5a8.9c80:   00007ff7d04c7b86 / 0x0107b86: 00 != 47
+c5a8.9c80:   00007ff7d04c7b87 / 0x0107b87: 00 != 58
+c5a8.9c80:   00007ff7d04c7b88 / 0x0107b88: 00 != 58
+c5a8.9c80:   00007ff7d04c7b89 / 0x0107b89: 00 != 50
+c5a8.9c80:   00007ff7d04c7b8a / 0x0107b8a: 00 != 41
+c5a8.9c80:   00007ff7d04c7b8b / 0x0107b8b: 00 != 44
+c5a8.9c80:   00007ff7d04c7b8c / 0x0107b8c: 00 != 44
+c5a8.9c80:   00007ff7d04c7b8d / 0x0107b8d: 00 != 49
+c5a8.9c80:   00007ff7d04c7b8e / 0x0107b8e: 00 != 4e
+c5a8.9c80:   00007ff7d04c7b8f / 0x0107b8f: 00 != 47
+c5a8.9c80:   00007ff7d04c7b90 / 0x0107b90: 00 != 50
+c5a8.9c80:   00007ff7d04c7b91 / 0x0107b91: 00 != 41
+c5a8.9c80:   00007ff7d04c7b92 / 0x0107b92: 00 != 44
+c5a8.9c80:   00007ff7d04c7b93 / 0x0107b93: 00 != 44
+c5a8.9c80:   00007ff7d04c7b94 / 0x0107b94: 00 != 49
+c5a8.9c80:   00007ff7d04c7b95 / 0x0107b95: 00 != 4e
+c5a8.9c80:   00007ff7d04c7b96 / 0x0107b96: 00 != 47
+c5a8.9c80:   00007ff7d04c7b97 / 0x0107b97: 00 != 58
+c5a8.9c80:   00007ff7d04c7b98 / 0x0107b98: 00 != 58
+c5a8.9c80:   00007ff7d04c7b99 / 0x0107b99: 00 != 50
+c5a8.9c80:   00007ff7d04c7b9a / 0x0107b9a: 00 != 41
+c5a8.9c80:   00007ff7d04c7b9b / 0x0107b9b: 00 != 44
+c5a8.9c80:   00007ff7d04c7b9c / 0x0107b9c: 00 != 44
+c5a8.9c80:   00007ff7d04c7b9d / 0x0107b9d: 00 != 49
+c5a8.9c80:   00007ff7d04c7b9e / 0x0107b9e: 00 != 4e
+c5a8.9c80:   00007ff7d04c7b9f / 0x0107b9f: 00 != 47
+c5a8.9c80:   00007ff7d04c7ba0 / 0x0107ba0: 00 != 50
+c5a8.9c80:   00007ff7d04c7ba1 / 0x0107ba1: 00 != 41
+c5a8.9c80:   00007ff7d04c7ba2 / 0x0107ba2: 00 != 44
+c5a8.9c80:   00007ff7d04c7ba3 / 0x0107ba3: 00 != 44
+c5a8.9c80:   00007ff7d04c7ba4 / 0x0107ba4: 00 != 49
+c5a8.9c80:   00007ff7d04c7ba5 / 0x0107ba5: 00 != 4e
+c5a8.9c80:   00007ff7d04c7ba6 / 0x0107ba6: 00 != 47
+c5a8.9c80:   00007ff7d04c7ba7 / 0x0107ba7: 00 != 58
+c5a8.9c80:   00007ff7d04c7ba8 / 0x0107ba8: 00 != 58
+c5a8.9c80:   00007ff7d04c7ba9 / 0x0107ba9: 00 != 50
+c5a8.9c80:   00007ff7d04c7baa / 0x0107baa: 00 != 41
+c5a8.9c80:   00007ff7d04c7bab / 0x0107bab: 00 != 44
+c5a8.9c80:   00007ff7d04c7bac / 0x0107bac: 00 != 44
+c5a8.9c80:   00007ff7d04c7bad / 0x0107bad: 00 != 49
+c5a8.9c80:   00007ff7d04c7bae / 0x0107bae: 00 != 4e
+c5a8.9c80:   00007ff7d04c7baf / 0x0107baf: 00 != 47
+c5a8.9c80:   00007ff7d04c7bb0 / 0x0107bb0: 00 != 50
+c5a8.9c80:   00007ff7d04c7bb1 / 0x0107bb1: 00 != 41
+c5a8.9c80:   00007ff7d04c7bb2 / 0x0107bb2: 00 != 44
+c5a8.9c80:   00007ff7d04c7bb3 / 0x0107bb3: 00 != 44
+c5a8.9c80:   00007ff7d04c7bb4 / 0x0107bb4: 00 != 49
+c5a8.9c80:   00007ff7d04c7bb5 / 0x0107bb5: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bb6 / 0x0107bb6: 00 != 47
+c5a8.9c80:   00007ff7d04c7bb7 / 0x0107bb7: 00 != 58
+c5a8.9c80:   00007ff7d04c7bb8 / 0x0107bb8: 00 != 58
+c5a8.9c80:   00007ff7d04c7bb9 / 0x0107bb9: 00 != 50
+c5a8.9c80:   00007ff7d04c7bba / 0x0107bba: 00 != 41
+c5a8.9c80:   00007ff7d04c7bbb / 0x0107bbb: 00 != 44
+c5a8.9c80:   00007ff7d04c7bbc / 0x0107bbc: 00 != 44
+c5a8.9c80:   00007ff7d04c7bbd / 0x0107bbd: 00 != 49
+c5a8.9c80:   00007ff7d04c7bbe / 0x0107bbe: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bbf / 0x0107bbf: 00 != 47
+c5a8.9c80:   00007ff7d04c7bc0 / 0x0107bc0: 00 != 50
+c5a8.9c80:   00007ff7d04c7bc1 / 0x0107bc1: 00 != 41
+c5a8.9c80:   00007ff7d04c7bc2 / 0x0107bc2: 00 != 44
+c5a8.9c80:   00007ff7d04c7bc3 / 0x0107bc3: 00 != 44
+c5a8.9c80:   00007ff7d04c7bc4 / 0x0107bc4: 00 != 49
+c5a8.9c80:   00007ff7d04c7bc5 / 0x0107bc5: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bc6 / 0x0107bc6: 00 != 47
+c5a8.9c80:   00007ff7d04c7bc7 / 0x0107bc7: 00 != 58
+c5a8.9c80:   00007ff7d04c7bc8 / 0x0107bc8: 00 != 58
+c5a8.9c80:   00007ff7d04c7bc9 / 0x0107bc9: 00 != 50
+c5a8.9c80:   00007ff7d04c7bca / 0x0107bca: 00 != 41
+c5a8.9c80:   00007ff7d04c7bcb / 0x0107bcb: 00 != 44
+c5a8.9c80:   00007ff7d04c7bcc / 0x0107bcc: 00 != 44
+c5a8.9c80:   00007ff7d04c7bcd / 0x0107bcd: 00 != 49
+c5a8.9c80:   00007ff7d04c7bce / 0x0107bce: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bcf / 0x0107bcf: 00 != 47
+c5a8.9c80:   00007ff7d04c7bd0 / 0x0107bd0: 00 != 50
+c5a8.9c80:   00007ff7d04c7bd1 / 0x0107bd1: 00 != 41
+c5a8.9c80:   00007ff7d04c7bd2 / 0x0107bd2: 00 != 44
+c5a8.9c80:   00007ff7d04c7bd3 / 0x0107bd3: 00 != 44
+c5a8.9c80:   00007ff7d04c7bd4 / 0x0107bd4: 00 != 49
+c5a8.9c80:   00007ff7d04c7bd5 / 0x0107bd5: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bd6 / 0x0107bd6: 00 != 47
+c5a8.9c80:   00007ff7d04c7bd7 / 0x0107bd7: 00 != 58
+c5a8.9c80:   00007ff7d04c7bd8 / 0x0107bd8: 00 != 58
+c5a8.9c80:   00007ff7d04c7bd9 / 0x0107bd9: 00 != 50
+c5a8.9c80:   00007ff7d04c7bda / 0x0107bda: 00 != 41
+c5a8.9c80:   00007ff7d04c7bdb / 0x0107bdb: 00 != 44
+c5a8.9c80:   00007ff7d04c7bdc / 0x0107bdc: 00 != 44
+c5a8.9c80:   00007ff7d04c7bdd / 0x0107bdd: 00 != 49
+c5a8.9c80:   00007ff7d04c7bde / 0x0107bde: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bdf / 0x0107bdf: 00 != 47
+c5a8.9c80:   00007ff7d04c7be0 / 0x0107be0: 00 != 50
+c5a8.9c80:   00007ff7d04c7be1 / 0x0107be1: 00 != 41
+c5a8.9c80:   00007ff7d04c7be2 / 0x0107be2: 00 != 44
+c5a8.9c80:   00007ff7d04c7be3 / 0x0107be3: 00 != 44
+c5a8.9c80:   00007ff7d04c7be4 / 0x0107be4: 00 != 49
+c5a8.9c80:   00007ff7d04c7be5 / 0x0107be5: 00 != 4e
+c5a8.9c80:   00007ff7d04c7be6 / 0x0107be6: 00 != 47
+c5a8.9c80:   00007ff7d04c7be7 / 0x0107be7: 00 != 58
+c5a8.9c80:   00007ff7d04c7be8 / 0x0107be8: 00 != 58
+c5a8.9c80:   00007ff7d04c7be9 / 0x0107be9: 00 != 50
+c5a8.9c80:   00007ff7d04c7bea / 0x0107bea: 00 != 41
+c5a8.9c80:   00007ff7d04c7beb / 0x0107beb: 00 != 44
+c5a8.9c80:   00007ff7d04c7bec / 0x0107bec: 00 != 44
+c5a8.9c80:   00007ff7d04c7bed / 0x0107bed: 00 != 49
+c5a8.9c80:   00007ff7d04c7bee / 0x0107bee: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bef / 0x0107bef: 00 != 47
+c5a8.9c80:   00007ff7d04c7bf0 / 0x0107bf0: 00 != 50
+c5a8.9c80:   00007ff7d04c7bf1 / 0x0107bf1: 00 != 41
+c5a8.9c80:   00007ff7d04c7bf2 / 0x0107bf2: 00 != 44
+c5a8.9c80:   00007ff7d04c7bf3 / 0x0107bf3: 00 != 44
+c5a8.9c80:   00007ff7d04c7bf4 / 0x0107bf4: 00 != 49
+c5a8.9c80:   00007ff7d04c7bf5 / 0x0107bf5: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bf6 / 0x0107bf6: 00 != 47
+c5a8.9c80:   00007ff7d04c7bf7 / 0x0107bf7: 00 != 58
+c5a8.9c80:   00007ff7d04c7bf8 / 0x0107bf8: 00 != 58
+c5a8.9c80:   00007ff7d04c7bf9 / 0x0107bf9: 00 != 50
+c5a8.9c80:   00007ff7d04c7bfa / 0x0107bfa: 00 != 41
+c5a8.9c80:   00007ff7d04c7bfb / 0x0107bfb: 00 != 44
+c5a8.9c80:   00007ff7d04c7bfc / 0x0107bfc: 00 != 44
+c5a8.9c80:   00007ff7d04c7bfd / 0x0107bfd: 00 != 49
+c5a8.9c80:   00007ff7d04c7bfe / 0x0107bfe: 00 != 4e
+c5a8.9c80:   00007ff7d04c7bff / 0x0107bff: 00 != 47
+c5a8.9c80:   Restored 0x490 bytes of original file content at 00007ff7d04c7b70
+c5a8.9c80: ntdll.dll: Differences in section #12 (.mrdata) between file and memory:
+c5a8.9c80:   00007ff9c34aa490 / 0x01ea490: 00 != a0
+c5a8.9c80:   00007ff9c34aa491 / 0x01ea491: 00 != c2
+c5a8.9c80:   00007ff9c34aa492 / 0x01ea492: 00 != 6f
+c5a8.9c80:   00007ff9c34aa493 / 0x01ea493: 00 != 77
+c5a8.9c80:   00007ff9c34aa498 / 0x01ea498: 00 != e8
+c5a8.9c80:   00007ff9c34aa499 / 0x01ea499: 00 != 97
+c5a8.9c80:   00007ff9c34aa49a / 0x01ea49a: 00 != 6f
+c5a8.9c80:   00007ff9c34aa49b / 0x01ea49b: 00 != 77
+c5a8.9c80:   00007ff9c34aa4d8 / 0x01ea4d8: 00 != f8
+c5a8.9c80:   00007ff9c34aa4d9 / 0x01ea4d9: 00 != 53
+c5a8.9c80:   00007ff9c34aa4da / 0x01ea4da: 00 != 3f
+c5a8.9c80:   00007ff9c34aa4db / 0x01ea4db: 00 != 0f
+c5a8.9c80:   00007ff9c34aa4e0 / 0x01ea4e0: 00 != 10
+c5a8.9c80:   00007ff9c34aa4e5 / 0x01ea4e5: 00 != 01
+c5a8.9c80:   00007ff9c34aa4ef / 0x01ea4ef: 00 != 20
+c5a8.9c80:   00007ff9c34aa4f0 / 0x01ea4f0: 00 != 02
+c5a8.9c80:   00007ff9c34aa4f1 / 0x01ea4f1: 00 != 20
+c5a8.9c80:   00007ff9c34aa4fa / 0x01ea4fa: 00 != 2c
+c5a8.9c80:   00007ff9c34aa4fb / 0x01ea4fb: 00 != a1
+c5a8.9c80:   00007ff9c34aa4fc / 0x01ea4fc: 00 != f5
+c5a8.9c80:   00007ff9c34aa4fd / 0x01ea4fd: 00 != 7d
+c5a8.9c80:   00007ff9c34aa505 / 0x01ea505: 00 != 02
+c5a8.9c80:   Restored 0x118 bytes of original file content at 00007ff9c34aa490
+c5a8.9c80: supR3HardNtChildPurify: cFixes=2 g_fSupAdversaries=0x80000000
+c5a8.9c80: supR3HardNtChildPurify: Startup delay kludge #1/1: 521 ms, 34 sleeps
+c5a8.9c80: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
+c5a8.9c80:  *0000000000000000-000000007ffdffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
+c5a8.9c80:   000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000
+c5a8.9c80:   000000007fff0000-0000004312dfffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *0000004312e00000-0000004312e82fff 0x0000/0x0004 0x0020000
+c5a8.9c80:   0000004312e83000-0000004312e85fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   0000004312e86000-0000004312ffffff 0x0000/0x0004 0x0020000
+c5a8.9c80:  *0000004313000000-00000043130fafff 0x0000/0x0004 0x0020000
+c5a8.9c80:   00000043130fb000-00000043130fdfff 0x0104/0x0004 0x0020000
+c5a8.9c80:   00000043130fe000-00000043130fffff 0x0004/0x0004 0x0020000
+c5a8.9c80:   0000004313100000-00000229f4d3ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00000229f4d40000-00000229f4d5ffff 0x0004/0x0004 0x0020000
+c5a8.9c80:  *00000229f4d60000-00000229f4d89fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   00000229f4d8a000-00000229f4d8ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00000229f4d90000-00000229f4d93fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   00000229f4d94000-00000229f4d9ffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00000229f4da0000-00000229f4da0fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   00000229f4da1000-00000229f4daffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00000229f4db0000-00000229f4db1fff 0x0004/0x0004 0x0020000
+c5a8.9c80:   00000229f4db2000-00007df5a12affff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007df5a12b0000-00007df5a12b0fff 0x0002/0x0002 0x0040000
+c5a8.9c80:   00007df5a12b1000-00007df5a12bffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007df5a12c0000-00007df5a2728fff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007df5a2729000-00007df5a2800fff 0x0001/0x0001 0x0040000
+c5a8.9c80:   00007df5a2801000-00007df5a3095fff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007df5a3096000-00007df5a3096fff 0x0001/0x0001 0x0040000
+c5a8.9c80:   00007df5a3097000-00007ff5806cefff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007ff5806cf000-00007ff5806d3fff 0x0002/0x0001 0x0040000
+c5a8.9c80:   00007ff5806d4000-00007ff583cf9fff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007ff583cfa000-00007ff58838afff 0x0001/0x0001 0x0040000
+c5a8.9c80:   00007ff58838b000-00007ff588394fff 0x0002/0x0001 0x0040000
+c5a8.9c80:   00007ff588395000-00007ff5a12bffff 0x0000/0x0001 0x0040000
+c5a8.9c80:   00007ff5a12c0000-00007ff7d03bffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007ff7d03c0000-00007ff7d03c0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d03c1000-00007ff7d042bfff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d042c000-00007ff7d042cfff 0x0040/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d042d000-00007ff7d0481fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d0482000-00007ff7d048efff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d048f000-00007ff7d04c9fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+c5a8.9c80:   00007ff7d04ca000-00007ff9c32bffff 0x0001/0x0000 0x0000000
+c5a8.9c80:  *00007ff9c32c0000-00007ff9c32c0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c32c1000-00007ff9c3432fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c3433000-00007ff9c348bfff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c348c000-00007ff9c348cfff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c348d000-00007ff9c348dfff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c348e000-00007ff9c3495fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c3496000-00007ff9c34a6fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c34a7000-00007ff9c34a7fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c34a8000-00007ff9c34a9fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c34aa000-00007ff9c34aafff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c34ab000-00007ff9c3527fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+c5a8.9c80:   00007ff9c3528000-00007ffffffeffff 0x0001/0x0000 0x0000000
+c5a8.9c80: supR3HardNtChildPurify: Done after 794 ms and 2 fixes (loop #1).
+ddbc.90b4: supR3HardenedVmProcessInit: uNtDllAddr=00007ff9c32c0000 g_uNtVerCombined=0xa0665800 (stack ~00000043130fe810)
+ddbc.90b4: ntdll.dll: timestamp 0xbafb00ad (rc=VINF_SUCCESS)
+ddbc.90b4: New simple heap: #1 00000229f4ec0000 LB 0x800000 (for 2523136 allocation)
+ddbc.90b4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
+ddbc.90b4: System32:  \Device\HarddiskVolume3\Windows\System32
+ddbc.90b4: WinSxS:    \Device\HarddiskVolume3\Windows\WinSxS
+c5a8.9c80: supR3HardNtEnableThreadCreationEx:
+ddbc.90b4: KnownDllPath: C:\WINDOWS\System32
+ddbc.90b4: supR3HardenedVmProcessInit: Opening vboxsup stub...
+ddbc.90b4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
+ddbc.90b4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
+ddbc.90b4: Registered Dll notification callback with NTDLL.
+ddbc.90b4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
+ddbc.90b4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
+ddbc.90b4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
+ddbc.90b4: supR3HardenedDllNotificationCallback: load   00007ff9bfbd0000 LB 0x003f1000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
+ddbc.90b4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
+ddbc.90b4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
+ddbc.90b4: supR3HardenedDllNotificationCallback: load   00007ff9c10f0000 LB 0x000c9000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
+ddbc.90b4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
+ddbc.90b4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c10f0000 'C:\WINDOWS\System32\KERNEL32.DLL'
+ddbc.90b4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\KernelBase.dll [lacks WinVerifyTrust]
+ddbc.90b4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNELBASE.dll (Input=KERNELBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
+ddbc.90b4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'C:\WINDOWS\System32\KERNELBASE.dll'
+ddbc.90b4: supR3HardenedDllNotificationCallback: load   00007ff7d03c0000 LB 0x0010a000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
+ddbc.90b4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
+ddbc.90b4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
+ddbc.90b4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff9c33ab0a0 pvNtTerminateThread=00007ff9c34224a0 g_LdrInitThunkSelfBackup.cb=0
+ddbc.90b4: supR3HardNtDisableThreadCreationEx: Backup=40 53 48 83 ec 20 48 8b d9 e8 1a 00 00 00 b2 01
+c5a8.9c80: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 92 ms.
+ddbc.90b4: \SystemRoot\System32\ntdll.dll:
+ddbc.90b4:     CreationTime:    2026-01-29T22:35:39.716023100Z
+ddbc.90b4:     LastWriteTime:   2026-01-29T22:35:40.009089100Z
+ddbc.90b4:     ChangeTime:      2026-02-05T09:04:49.647492500Z
+ddbc.90b4:     FileAttributes:  0x20
+ddbc.90b4:     Size:            0x267b80
+ddbc.90b4:     NT Headers:      0xe0
+ddbc.90b4:     Timestamp:       0xbafb00ad
+ddbc.90b4:     Machine:         0x8664 - amd64
+ddbc.90b4:     Timestamp:       0xbafb00ad
+ddbc.90b4:     Image Version:   10.0
+ddbc.90b4:     SizeOfImage:     0x268000 (2523136)
+ddbc.90b4:     Resource Dir:    0x1ec000 LB 0x7a108
+ddbc.90b4:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
+ddbc.90b4:     [Raw version resource data: 0x1ec0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
+ddbc.90b4:     ProductName:     Microsoft® Windows® Operating System
+ddbc.90b4:     ProductVersion:  10.0.26100.7705
+ddbc.90b4:     FileVersion:     10.0.26100.7705 (WinBuild.160101.0800)
+ddbc.90b4:     FileDescription: NT Layer DLL
+ddbc.90b4: \SystemRoot\System32\kernel32.dll:
+ddbc.90b4:     CreationTime:    2026-01-29T22:35:35.579009500Z
+ddbc.90b4:     LastWriteTime:   2026-01-29T22:35:35.662547000Z
+ddbc.90b4:     ChangeTime:      2026-02-05T09:04:44.827659200Z
+ddbc.90b4:     FileAttributes:  0x20
+ddbc.90b4:     Size:            0xcc218
+ddbc.90b4:     NT Headers:      0xf0
+ddbc.90b4:     Timestamp:       0x9db26d02
+ddbc.90b4:     Machine:         0x8664 - amd64
+ddbc.90b4:     Timestamp:       0x9db26d02
+ddbc.90b4:     Image Version:   10.0
+ddbc.90b4:     SizeOfImage:     0xc9000 (823296)
+ddbc.90b4:     Resource Dir:    0xc7000 LB 0x520
+ddbc.90b4:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
+ddbc.90b4:     [Raw version resource data: 0xc70b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
+ddbc.90b4:     ProductName:     Microsoft® Windows® Operating System
+ddbc.90b4:     ProductVersion:  10.0.26100.7705
+ddbc.90b4:     FileVersion:     10.0.26100.7705 (WinBuild.160101.0800)
+ddbc.90b4:     FileDescription: Windows NT BASE API Client DLL
+ddbc.90b4: \SystemRoot\System32\KernelBase.dll:
+ddbc.90b4:     CreationTime:    2026-01-29T22:35:35.618516400Z
+ddbc.90b4:     LastWriteTime:   2026-01-29T22:35:36.330801000Z
+ddbc.90b4:     ChangeTime:      2026-02-05T09:04:48.643602300Z
+ddbc.90b4:     FileAttributes:  0x20
+ddbc.90b4:     Size:            0x3f32c8
+ddbc.90b4:     NT Headers:      0x108
+ddbc.90b4:     Timestamp:       0xe31726d
+ddbc.90b4:     Machine:         0x8664 - amd64
+ddbc.90b4:     Timestamp:       0xe31726d
+ddbc.90b4:     Image Version:   10.0
+ddbc.90b4:     SizeOfImage:     0x3f1000 (4132864)
+ddbc.90b4:     Resource Dir:    0x3b7000 LB 0x548
+ddbc.90b4:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
+ddbc.90b4:     [Raw version resource data: 0x3b70b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
+ddbc.90b4:     ProductName:     Microsoft® Windows® Operating System
+ddbc.90b4:     ProductVersion:  10.0.26100.7705
+ddbc.90b4:     FileVersion:     10.0.26100.7705 (WinBuild.160101.0800)
+ddbc.90b4:     FileDescription: Windows NT BASE API Client DLL
+ddbc.90b4: \SystemRoot\System32\apisetschema.dll:
+ddbc.90b4:     CreationTime:    2026-01-29T22:35:25.488911500Z
+ddbc.90b4:     LastWriteTime:   2026-01-29T22:35:25.526592500Z
+ddbc.90b4:     ChangeTime:      2026-02-05T09:04:47.126881200Z
+ddbc.90b4:     FileAttributes:  0x20
+ddbc.90b4:     Size:            0x2f598
+ddbc.90b4:     NT Headers:      0xd8
+ddbc.90b4:     Timestamp:       0xd5983b53
+ddbc.90b4:     Machine:         0x8664 - amd64
+ddbc.90b4:     Timestamp:       0xd5983b53
+ddbc.90b4:     Image Version:   10.0
+ddbc.90b4:     SizeOfImage:     0x2e000 (188416)
+ddbc.90b4:     Resource Dir:    0x2d000 LB 0x408
+ddbc.90b4:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
+ddbc.90b4:     [Raw version resource data: 0x2d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
+ddbc.90b4:     ProductName:     Microsoft® Windows® Operating System
+ddbc.90b4:     ProductVersion:  10.0.26100.7705
+ddbc.90b4:     FileVersion:     10.0.26100.7705 (WinBuild.160101.0800)
+ddbc.90b4:     FileDescription: ApiSet Schema DLL
+ddbc.90b4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
+ddbc.90b4: supR3HardenedWinFindAdversaries: 0x0
+ddbc.90b4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
+ddbc.90b4: Calling main()
+ddbc.90b4: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
+ddbc.90b4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
+ddbc.90b4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
+ddbc.90b4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
+ddbc.90b4: SUPR3HardenedMain: Respawn #2
+ddbc.90b4: supR3HardNtEnableThreadCreationEx:
+ddbc.90b4: supR3HardenedDllNotificationCallback: load   00007ff9c31c0000 LB 0x000a6000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
+ddbc.90b4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
+ddbc.90b4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
+ddbc.90b4: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
+ddbc.90b4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll)
+ddbc.90b4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+ddbc.90b4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c32c0000 'C:\WINDOWS\System32\ntdll.dll'
+ddbc.90b4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\KernelBase.dll [lacks WinVerifyTrust]
+ddbc.90b4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KernelBase.dll (Input=KernelBase, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+ddbc.90b4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'C:\WINDOWS\System32\KernelBase.dll'
+ddbc.90b4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff9c33ab0a0 pvNtTerminateThread=00007ff9c34224a0 g_LdrInitThunkSelfBackup.cb=10
+ddbc.90b4: supR3HardenedWinDoReSpawn(2): New child d2b0.92a8 [kernel32].
+ddbc.90b4: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
+ddbc.90b4: supR3HardNtChildGatherData: PebBaseAddress=000000d0a1e40000 cbPeb=0x388
+ddbc.90b4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff9c32c0000 uNtDllChildAddr=00007ff9c32c0000
+ddbc.90b4: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff9c33ab0a0
+ddbc.90b4: supR3HardenedWinSetupChildInit: Initial context:
+  rax=0000000000000000 rbx=0000000000000000 rcx=00007ff7d03cb8e0 rdx=000000d0a1e40000
+  rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
+  r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
+  r14=0000000000000000 r15=0000000000000000  P1=0000000000000000  P2=0000000000000000
+  rip=00007ff9c334c3e0 rsp=000000d0a1d5fe38 rbp=0000000000000000    ctxflags=0010001b
+  cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000    eflags=00000200   mxcrx=00001f80
+   P3=0000000000000000  P4=0000000000000000  P5=0000000000000000  P6=0000000000000000
+  dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
+  dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
+  lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
+ddbc.90b4: kernel32.dll: timestamp 0x9db26d02 (rc=VINF_SUCCESS)
+ddbc.90b4: supR3HardenedWinSetupChildInit: Start child.
+ddbc.90b4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
+ddbc.90b4: supR3HardNtChildPurify: Startup delay kludge #1/0: 259 ms, 17 sleeps
+ddbc.90b4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
+ddbc.90b4:  *0000000000000000-000000007ffdffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
+ddbc.90b4:   000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000
+ddbc.90b4:   000000007fff0000-000000d0a1c5ffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *000000d0a1c60000-000000d0a1d5afff 0x0000/0x0004 0x0020000
+ddbc.90b4:   000000d0a1d5b000-000000d0a1d5dfff 0x0104/0x0004 0x0020000
+ddbc.90b4:   000000d0a1d5e000-000000d0a1d5ffff 0x0004/0x0004 0x0020000
+ddbc.90b4:   000000d0a1d60000-000000d0a1dfffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *000000d0a1e00000-000000d0a1e3ffff 0x0000/0x0004 0x0020000
+ddbc.90b4:   000000d0a1e40000-000000d0a1e42fff 0x0004/0x0004 0x0020000
+ddbc.90b4:   000000d0a1e43000-000000d0a1ffffff 0x0000/0x0004 0x0020000
+ddbc.90b4:   000000d0a2000000-0000023dd621ffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *0000023dd6220000-0000023dd623ffff 0x0004/0x0004 0x0020000
+ddbc.90b4:  *0000023dd6240000-0000023dd6269fff 0x0002/0x0002 0x0040000
+ddbc.90b4:   0000023dd626a000-0000023dd626ffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *0000023dd6270000-0000023dd6273fff 0x0002/0x0002 0x0040000
+ddbc.90b4:   0000023dd6274000-0000023dd627ffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *0000023dd6280000-0000023dd6280fff 0x0002/0x0002 0x0040000
+ddbc.90b4:   0000023dd6281000-0000023dd628ffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *0000023dd6290000-0000023dd6291fff 0x0004/0x0004 0x0020000
+ddbc.90b4:   0000023dd6292000-00007df5a12affff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *00007df5a12b0000-00007df5a12b0fff 0x0002/0x0002 0x0040000
+ddbc.90b4:   00007df5a12b1000-00007df5a12bffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *00007df5a12c0000-00007df5a2728fff 0x0000/0x0001 0x0040000
+ddbc.90b4:   00007df5a2729000-00007df5a2800fff 0x0001/0x0001 0x0040000
+ddbc.90b4:   00007df5a2801000-00007df5a3095fff 0x0000/0x0001 0x0040000
+ddbc.90b4:   00007df5a3096000-00007df5a3096fff 0x0001/0x0001 0x0040000
+ddbc.90b4:   00007df5a3097000-00007ff5806cefff 0x0000/0x0001 0x0040000
+ddbc.90b4:   00007ff5806cf000-00007ff5806d3fff 0x0002/0x0001 0x0040000
+ddbc.90b4:   00007ff5806d4000-00007ff583cf9fff 0x0000/0x0001 0x0040000
+ddbc.90b4:   00007ff583cfa000-00007ff58838afff 0x0001/0x0001 0x0040000
+ddbc.90b4:   00007ff58838b000-00007ff588394fff 0x0002/0x0001 0x0040000
+ddbc.90b4:   00007ff588395000-00007ff5a12bffff 0x0000/0x0001 0x0040000
+ddbc.90b4:   00007ff5a12c0000-00007ff7d03bffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *00007ff7d03c0000-00007ff7d03c0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d03c1000-00007ff7d042bfff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d042c000-00007ff7d042cfff 0x0080/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d042d000-00007ff7d0481fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d0482000-00007ff7d0482fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d0483000-00007ff7d0483fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d0484000-00007ff7d0489fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d048a000-00007ff7d048efff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d048f000-00007ff7d04c9fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d04ca000-00007ff9c32bffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *00007ff9c32c0000-00007ff9c32c0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c32c1000-00007ff9c3432fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c3433000-00007ff9c348bfff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c348c000-00007ff9c3495fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c3496000-00007ff9c34a6fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c34a7000-00007ff9c34a9fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c34aa000-00007ff9c34aafff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c34ab000-00007ff9c3527fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c3528000-00007ffffffeffff 0x0001/0x0000 0x0000000
+ddbc.90b4: VirtualBoxVM.exe: timestamp 0x68f21b4f (rc=VINF_SUCCESS)
+ddbc.90b4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
+ddbc.90b4: VirtualBoxVM.exe: Differences in section #8 (.rsrc) between file and memory:
+ddbc.90b4:   00007ff7d04c7b70 / 0x0107b70: 00 != 50
+ddbc.90b4:   00007ff7d04c7b71 / 0x0107b71: 00 != 41
+ddbc.90b4:   00007ff7d04c7b72 / 0x0107b72: 00 != 44
+ddbc.90b4:   00007ff7d04c7b73 / 0x0107b73: 00 != 44
+ddbc.90b4:   00007ff7d04c7b74 / 0x0107b74: 00 != 49
+ddbc.90b4:   00007ff7d04c7b75 / 0x0107b75: 00 != 4e
+ddbc.90b4:   00007ff7d04c7b76 / 0x0107b76: 00 != 47
+ddbc.90b4:   00007ff7d04c7b77 / 0x0107b77: 00 != 58
+ddbc.90b4:   00007ff7d04c7b78 / 0x0107b78: 00 != 58
+ddbc.90b4:   00007ff7d04c7b79 / 0x0107b79: 00 != 50
+ddbc.90b4:   00007ff7d04c7b7a / 0x0107b7a: 00 != 41
+ddbc.90b4:   00007ff7d04c7b7b / 0x0107b7b: 00 != 44
+ddbc.90b4:   00007ff7d04c7b7c / 0x0107b7c: 00 != 44
+ddbc.90b4:   00007ff7d04c7b7d / 0x0107b7d: 00 != 49
+ddbc.90b4:   00007ff7d04c7b7e / 0x0107b7e: 00 != 4e
+ddbc.90b4:   00007ff7d04c7b7f / 0x0107b7f: 00 != 47
+ddbc.90b4:   00007ff7d04c7b80 / 0x0107b80: 00 != 50
+ddbc.90b4:   00007ff7d04c7b81 / 0x0107b81: 00 != 41
+ddbc.90b4:   00007ff7d04c7b82 / 0x0107b82: 00 != 44
+ddbc.90b4:   00007ff7d04c7b83 / 0x0107b83: 00 != 44
+ddbc.90b4:   00007ff7d04c7b84 / 0x0107b84: 00 != 49
+ddbc.90b4:   00007ff7d04c7b85 / 0x0107b85: 00 != 4e
+ddbc.90b4:   00007ff7d04c7b86 / 0x0107b86: 00 != 47
+ddbc.90b4:   00007ff7d04c7b87 / 0x0107b87: 00 != 58
+ddbc.90b4:   00007ff7d04c7b88 / 0x0107b88: 00 != 58
+ddbc.90b4:   00007ff7d04c7b89 / 0x0107b89: 00 != 50
+ddbc.90b4:   00007ff7d04c7b8a / 0x0107b8a: 00 != 41
+ddbc.90b4:   00007ff7d04c7b8b / 0x0107b8b: 00 != 44
+ddbc.90b4:   00007ff7d04c7b8c / 0x0107b8c: 00 != 44
+ddbc.90b4:   00007ff7d04c7b8d / 0x0107b8d: 00 != 49
+ddbc.90b4:   00007ff7d04c7b8e / 0x0107b8e: 00 != 4e
+ddbc.90b4:   00007ff7d04c7b8f / 0x0107b8f: 00 != 47
+ddbc.90b4:   00007ff7d04c7b90 / 0x0107b90: 00 != 50
+ddbc.90b4:   00007ff7d04c7b91 / 0x0107b91: 00 != 41
+ddbc.90b4:   00007ff7d04c7b92 / 0x0107b92: 00 != 44
+ddbc.90b4:   00007ff7d04c7b93 / 0x0107b93: 00 != 44
+ddbc.90b4:   00007ff7d04c7b94 / 0x0107b94: 00 != 49
+ddbc.90b4:   00007ff7d04c7b95 / 0x0107b95: 00 != 4e
+ddbc.90b4:   00007ff7d04c7b96 / 0x0107b96: 00 != 47
+ddbc.90b4:   00007ff7d04c7b97 / 0x0107b97: 00 != 58
+ddbc.90b4:   00007ff7d04c7b98 / 0x0107b98: 00 != 58
+ddbc.90b4:   00007ff7d04c7b99 / 0x0107b99: 00 != 50
+ddbc.90b4:   00007ff7d04c7b9a / 0x0107b9a: 00 != 41
+ddbc.90b4:   00007ff7d04c7b9b / 0x0107b9b: 00 != 44
+ddbc.90b4:   00007ff7d04c7b9c / 0x0107b9c: 00 != 44
+ddbc.90b4:   00007ff7d04c7b9d / 0x0107b9d: 00 != 49
+ddbc.90b4:   00007ff7d04c7b9e / 0x0107b9e: 00 != 4e
+ddbc.90b4:   00007ff7d04c7b9f / 0x0107b9f: 00 != 47
+ddbc.90b4:   00007ff7d04c7ba0 / 0x0107ba0: 00 != 50
+ddbc.90b4:   00007ff7d04c7ba1 / 0x0107ba1: 00 != 41
+ddbc.90b4:   00007ff7d04c7ba2 / 0x0107ba2: 00 != 44
+ddbc.90b4:   00007ff7d04c7ba3 / 0x0107ba3: 00 != 44
+ddbc.90b4:   00007ff7d04c7ba4 / 0x0107ba4: 00 != 49
+ddbc.90b4:   00007ff7d04c7ba5 / 0x0107ba5: 00 != 4e
+ddbc.90b4:   00007ff7d04c7ba6 / 0x0107ba6: 00 != 47
+ddbc.90b4:   00007ff7d04c7ba7 / 0x0107ba7: 00 != 58
+ddbc.90b4:   00007ff7d04c7ba8 / 0x0107ba8: 00 != 58
+ddbc.90b4:   00007ff7d04c7ba9 / 0x0107ba9: 00 != 50
+ddbc.90b4:   00007ff7d04c7baa / 0x0107baa: 00 != 41
+ddbc.90b4:   00007ff7d04c7bab / 0x0107bab: 00 != 44
+ddbc.90b4:   00007ff7d04c7bac / 0x0107bac: 00 != 44
+ddbc.90b4:   00007ff7d04c7bad / 0x0107bad: 00 != 49
+ddbc.90b4:   00007ff7d04c7bae / 0x0107bae: 00 != 4e
+ddbc.90b4:   00007ff7d04c7baf / 0x0107baf: 00 != 47
+ddbc.90b4:   00007ff7d04c7bb0 / 0x0107bb0: 00 != 50
+ddbc.90b4:   00007ff7d04c7bb1 / 0x0107bb1: 00 != 41
+ddbc.90b4:   00007ff7d04c7bb2 / 0x0107bb2: 00 != 44
+ddbc.90b4:   00007ff7d04c7bb3 / 0x0107bb3: 00 != 44
+ddbc.90b4:   00007ff7d04c7bb4 / 0x0107bb4: 00 != 49
+ddbc.90b4:   00007ff7d04c7bb5 / 0x0107bb5: 00 != 4e
+ddbc.90b4:   00007ff7d04c7bb6 / 0x0107bb6: 00 != 47
+ddbc.90b4:   00007ff7d04c7bb7 / 0x0107bb7: 00 != 58
+ddbc.90b4:   00007ff7d04c7bb8 / 0x0107bb8: 00 != 58
+ddbc.90b4:   00007ff7d04c7bb9 / 0x0107bb9: 00 != 50
+ddbc.90b4:   00007ff7d04c7bba / 0x0107bba: 00 != 41
+ddbc.90b4:   00007ff7d04c7bbb / 0x0107bbb: 00 != 44
+ddbc.90b4:   00007ff7d04c7bbc / 0x0107bbc: 00 != 44
+ddbc.90b4:   00007ff7d04c7bbd / 0x0107bbd: 00 != 49
+ddbc.90b4:   00007ff7d04c7bbe / 0x0107bbe: 00 != 4e
+ddbc.90b4:   00007ff7d04c7bbf / 0x0107bbf: 00 != 47
+ddbc.90b4:   00007ff7d04c7bc0 / 0x0107bc0: 00 != 50
+ddbc.90b4:   00007ff7d04c7bc1 / 0x0107bc1: 00 != 41
+ddbc.90b4:   00007ff7d04c7bc2 / 0x0107bc2: 00 != 44
+ddbc.90b4:   00007ff7d04c7bc3 / 0x0107bc3: 00 != 44
+ddbc.90b4:   00007ff7d04c7bc4 / 0x0107bc4: 00 != 49
+ddbc.90b4:   00007ff7d04c7bc5 / 0x0107bc5: 00 != 4e
+ddbc.90b4:   00007ff7d04c7bc6 / 0x0107bc6: 00 != 47
+ddbc.90b4:   00007ff7d04c7bc7 / 0x0107bc7: 00 != 58
+ddbc.90b4:   00007ff7d04c7bc8 / 0x0107bc8: 00 != 58
+ddbc.90b4:   00007ff7d04c7bc9 / 0x0107bc9: 00 != 50
+ddbc.90b4:   00007ff7d04c7bca / 0x0107bca: 00 != 41
+ddbc.90b4:   00007ff7d04c7bcb / 0x0107bcb: 00 != 44
+ddbc.90b4:   00007ff7d04c7bcc / 0x0107bcc: 00 != 44
+ddbc.90b4:   00007ff7d04c7bcd / 0x0107bcd: 00 != 49
+ddbc.90b4:   00007ff7d04c7bce / 0x0107bce: 00 != 4e
+ddbc.90b4:   00007ff7d04c7bcf / 0x0107bcf: 00 != 47
+ddbc.90b4:   00007ff7d04c7bd0 / 0x0107bd0: 00 != 50
+ddbc.90b4:   00007ff7d04c7bd1 / 0x0107bd1: 00 != 41
+ddbc.90b4:   00007ff7d04c7bd2 / 0x0107bd2: 00 != 44
+ddbc.90b4:   00007ff7d04c7bd3 / 0x0107bd3: 00 != 44
+ddbc.90b4:   00007ff7d04c7bd4 / 0x0107bd4: 00 != 49
+ddbc.90b4:   00007ff7d04c7bd5 / 0x0107bd5: 00 != 4e
+ddbc.90b4:   00007ff7d04c7bd6 / 0x0107bd6: 00 != 47
+ddbc.90b4:   00007ff7d04c7bd7 / 0x0107bd7: 00 != 58
+ddbc.90b4:   00007ff7d04c7bd8 / 0x0107bd8: 00 != 58
+ddbc.90b4:   00007ff7d04c7bd9 / 0x0107bd9: 00 != 50
+ddbc.90b4:   00007ff7d04c7bda / 0x0107bda: 00 != 41
+ddbc.90b4:   00007ff7d04c7bdb / 0x0107bdb: 00 != 44
+ddbc.90b4:   00007ff7d04c7bdc / 0x0107bdc: 00 != 44
+ddbc.90b4:   00007ff7d04c7bdd / 0x0107bdd: 00 != 49
+ddbc.90b4:   00007ff7d04c7bde / 0x0107bde: 00 != 4e
+ddbc.90b4:   00007ff7d04c7bdf / 0x0107bdf: 00 != 47
+ddbc.90b4:   00007ff7d04c7be0 / 0x0107be0: 00 != 50
+ddbc.90b4:   00007ff7d04c7be1 / 0x0107be1: 00 != 41
+ddbc.90b4:   00007ff7d04c7be2 / 0x0107be2: 00 != 44
+ddbc.90b4:   00007ff7d04c7be3 / 0x0107be3: 00 != 44
+ddbc.90b4:   00007ff7d04c7be4 / 0x0107be4: 00 != 49
+ddbc.90b4:   00007ff7d04c7be5 / 0x0107be5: 00 != 4e
+ddbc.90b4:   00007ff7d04c7be6 / 0x0107be6: 00 != 47
+ddbc.90b4:   00007ff7d04c7be7 / 0x0107be7: 00 != 58
+ddbc.90b4:   00007ff7d04c7be8 / 0x0107be8: 00 != 58
+ddbc.90b4:   00007ff7d04c7be9 / 0x0107be9: 00 != 50
+ddbc.90b4:   00007ff7d04c7bea / 0x0107bea: 00 != 41
+ddbc.90b4:   00007ff7d04c7beb / 0x0107beb: 00 != 44
+ddbc.90b4:   00007ff7d04c7bec / 0x0107bec: 00 != 44
+ddbc.90b4:   00007ff7d04c7bed / 0x0107bed: 00 != 49
+ddbc.90b4:   00007ff7d04c7bee / 0x0107bee: 00 != 4e
+ddbc.90b4:   00007ff7d04c7bef / 0x0107bef: 00 != 47
+ddbc.90b4:   00007ff7d04c7bf0 / 0x0107bf0: 00 != 50
+ddbc.90b4:   00007ff7d04c7bf1 / 0x0107bf1: 00 != 41
+ddbc.90b4:   00007ff7d04c7bf2 / 0x0107bf2: 00 != 44
+ddbc.90b4:   00007ff7d04c7bf3 / 0x0107bf3: 00 != 44
+ddbc.90b4:   00007ff7d04c7bf4 / 0x0107bf4: 00 != 49
+ddbc.90b4:   00007ff7d04c7bf5 / 0x0107bf5: 00 != 4e
+ddbc.90b4:   00007ff7d04c7bf6 / 0x0107bf6: 00 != 47
+ddbc.90b4:   00007ff7d04c7bf7 / 0x0107bf7: 00 != 58
+ddbc.90b4:   00007ff7d04c7bf8 / 0x0107bf8: 00 != 58
+ddbc.90b4:   00007ff7d04c7bf9 / 0x0107bf9: 00 != 50
+ddbc.90b4:   00007ff7d04c7bfa / 0x0107bfa: 00 != 41
+ddbc.90b4:   00007ff7d04c7bfb / 0x0107bfb: 00 != 44
+ddbc.90b4:   00007ff7d04c7bfc / 0x0107bfc: 00 != 44
+ddbc.90b4:   00007ff7d04c7bfd / 0x0107bfd: 00 != 49
+ddbc.90b4:   00007ff7d04c7bfe / 0x0107bfe: 00 != 4e
+ddbc.90b4:   00007ff7d04c7bff / 0x0107bff: 00 != 47
+ddbc.90b4:   Restored 0x490 bytes of original file content at 00007ff7d04c7b70
+ddbc.90b4: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
+ddbc.90b4: ntdll.dll: Differences in section #12 (.mrdata) between file and memory:
+ddbc.90b4:   00007ff9c34aa490 / 0x01ea490: 00 != a0
+ddbc.90b4:   00007ff9c34aa491 / 0x01ea491: 00 != c2
+ddbc.90b4:   00007ff9c34aa492 / 0x01ea492: 00 != 6f
+ddbc.90b4:   00007ff9c34aa493 / 0x01ea493: 00 != 77
+ddbc.90b4:   00007ff9c34aa498 / 0x01ea498: 00 != e8
+ddbc.90b4:   00007ff9c34aa499 / 0x01ea499: 00 != 97
+ddbc.90b4:   00007ff9c34aa49a / 0x01ea49a: 00 != 6f
+ddbc.90b4:   00007ff9c34aa49b / 0x01ea49b: 00 != 77
+ddbc.90b4:   00007ff9c34aa4d8 / 0x01ea4d8: 00 != dc
+ddbc.90b4:   00007ff9c34aa4d9 / 0x01ea4d9: 00 != 18
+ddbc.90b4:   00007ff9c34aa4da / 0x01ea4da: 00 != 66
+ddbc.90b4:   00007ff9c34aa4db / 0x01ea4db: 00 != 29
+ddbc.90b4:   00007ff9c34aa4e0 / 0x01ea4e0: 00 != 10
+ddbc.90b4:   00007ff9c34aa4e5 / 0x01ea4e5: 00 != 01
+ddbc.90b4:   00007ff9c34aa4ef / 0x01ea4ef: 00 != 20
+ddbc.90b4:   00007ff9c34aa4f0 / 0x01ea4f0: 00 != 02
+ddbc.90b4:   00007ff9c34aa4f1 / 0x01ea4f1: 00 != 20
+ddbc.90b4:   00007ff9c34aa4fa / 0x01ea4fa: 00 != 2c
+ddbc.90b4:   00007ff9c34aa4fb / 0x01ea4fb: 00 != a1
+ddbc.90b4:   00007ff9c34aa4fc / 0x01ea4fc: 00 != f5
+ddbc.90b4:   00007ff9c34aa4fd / 0x01ea4fd: 00 != 7d
+ddbc.90b4:   00007ff9c34aa505 / 0x01ea505: 00 != 02
+ddbc.90b4:   Restored 0x118 bytes of original file content at 00007ff9c34aa490
+ddbc.90b4: supR3HardNtChildPurify: cFixes=2 g_fSupAdversaries=0x80000000
+ddbc.90b4: supR3HardNtChildPurify: Startup delay kludge #1/1: 524 ms, 34 sleeps
+ddbc.90b4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
+ddbc.90b4:  *0000000000000000-000000007ffdffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
+ddbc.90b4:   000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000
+ddbc.90b4:   000000007fff0000-000000d0a1c5ffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *000000d0a1c60000-000000d0a1d5afff 0x0000/0x0004 0x0020000
+ddbc.90b4:   000000d0a1d5b000-000000d0a1d5dfff 0x0104/0x0004 0x0020000
+ddbc.90b4:   000000d0a1d5e000-000000d0a1d5ffff 0x0004/0x0004 0x0020000
+ddbc.90b4:   000000d0a1d60000-000000d0a1dfffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *000000d0a1e00000-000000d0a1e3ffff 0x0000/0x0004 0x0020000
+ddbc.90b4:   000000d0a1e40000-000000d0a1e42fff 0x0004/0x0004 0x0020000
+ddbc.90b4:   000000d0a1e43000-000000d0a1ffffff 0x0000/0x0004 0x0020000
+ddbc.90b4:   000000d0a2000000-0000023dd621ffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *0000023dd6220000-0000023dd623ffff 0x0004/0x0004 0x0020000
+ddbc.90b4:  *0000023dd6240000-0000023dd6269fff 0x0002/0x0002 0x0040000
+ddbc.90b4:   0000023dd626a000-0000023dd626ffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *0000023dd6270000-0000023dd6273fff 0x0002/0x0002 0x0040000
+ddbc.90b4:   0000023dd6274000-0000023dd627ffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *0000023dd6280000-0000023dd6280fff 0x0002/0x0002 0x0040000
+ddbc.90b4:   0000023dd6281000-0000023dd628ffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *0000023dd6290000-0000023dd6291fff 0x0004/0x0004 0x0020000
+ddbc.90b4:   0000023dd6292000-00007df5a12affff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *00007df5a12b0000-00007df5a12b0fff 0x0002/0x0002 0x0040000
+ddbc.90b4:   00007df5a12b1000-00007df5a12bffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *00007df5a12c0000-00007df5a2728fff 0x0000/0x0001 0x0040000
+ddbc.90b4:   00007df5a2729000-00007df5a2800fff 0x0001/0x0001 0x0040000
+ddbc.90b4:   00007df5a2801000-00007df5a3095fff 0x0000/0x0001 0x0040000
+ddbc.90b4:   00007df5a3096000-00007df5a3096fff 0x0001/0x0001 0x0040000
+ddbc.90b4:   00007df5a3097000-00007ff5806cefff 0x0000/0x0001 0x0040000
+ddbc.90b4:   00007ff5806cf000-00007ff5806d3fff 0x0002/0x0001 0x0040000
+ddbc.90b4:   00007ff5806d4000-00007ff583cf9fff 0x0000/0x0001 0x0040000
+ddbc.90b4:   00007ff583cfa000-00007ff58838afff 0x0001/0x0001 0x0040000
+ddbc.90b4:   00007ff58838b000-00007ff588394fff 0x0002/0x0001 0x0040000
+ddbc.90b4:   00007ff588395000-00007ff5a12bffff 0x0000/0x0001 0x0040000
+ddbc.90b4:   00007ff5a12c0000-00007ff7d03bffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *00007ff7d03c0000-00007ff7d03c0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d03c1000-00007ff7d042bfff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d042c000-00007ff7d042cfff 0x0040/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d042d000-00007ff7d0481fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d0482000-00007ff7d048efff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d048f000-00007ff7d04c9fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+ddbc.90b4:   00007ff7d04ca000-00007ff9c32bffff 0x0001/0x0000 0x0000000
+ddbc.90b4:  *00007ff9c32c0000-00007ff9c32c0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c32c1000-00007ff9c3432fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c3433000-00007ff9c348bfff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c348c000-00007ff9c348cfff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c348d000-00007ff9c348dfff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c348e000-00007ff9c3495fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c3496000-00007ff9c34a6fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c34a7000-00007ff9c34a7fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c34a8000-00007ff9c34a9fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c34aa000-00007ff9c34aafff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c34ab000-00007ff9c3527fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ddbc.90b4:   00007ff9c3528000-00007ffffffeffff 0x0001/0x0000 0x0000000
+ddbc.90b4: supR3HardNtChildPurify: Done after 818 ms and 2 fixes (loop #1).
+d2b0.92a8: supR3HardenedVmProcessInit: uNtDllAddr=00007ff9c32c0000 g_uNtVerCombined=0xa0665800 (stack ~000000d0a1d5ec00)
+ddbc.90b4: supR3HardenedEarlyCompact: Removed heap 1 (0x000229f4ec0000 LB 0x800000)
+d2b0.92a8: ntdll.dll: timestamp 0xbafb00ad (rc=VINF_SUCCESS)
+d2b0.92a8: New simple heap: #1 0000023dd63a0000 LB 0x800000 (for 2523136 allocation)
+ddbc.90b4: supR3HardNtEnableThreadCreationEx:
+d2b0.92a8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
+d2b0.92a8: System32:  \Device\HarddiskVolume3\Windows\System32
+d2b0.92a8: WinSxS:    \Device\HarddiskVolume3\Windows\WinSxS
+d2b0.92a8: KnownDllPath: C:\WINDOWS\System32
+d2b0.92a8: supR3HardenedVmProcessInit: Opening vboxsup...
+d2b0.92a8: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
+d2b0.92a8: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
+d2b0.92a8: Registered Dll notification callback with NTDLL.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bfbd0000 LB 0x003f1000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c10f0000 LB 0x000c9000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c10f0000 'C:\WINDOWS\System32\KERNEL32.DLL'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\KernelBase.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNELBASE.dll (Input=KERNELBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'C:\WINDOWS\System32\KERNELBASE.dll'
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff7d03c0000 LB 0x0010a000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
+d2b0.92a8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
+d2b0.92a8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff9c33ab0a0 pvNtTerminateThread=00007ff9c34224a0 g_LdrInitThunkSelfBackup.cb=0
+d2b0.92a8: supR3HardNtDisableThreadCreationEx: Backup=40 53 48 83 ec 20 48 8b d9 e8 1a 00 00 00 b2 01
+ddbc.90b4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 116 ms.
+d2b0.92a8: \SystemRoot\System32\ntdll.dll:
+d2b0.92a8:     CreationTime:    2026-01-29T22:35:39.716023100Z
+d2b0.92a8:     LastWriteTime:   2026-01-29T22:35:40.009089100Z
+d2b0.92a8:     ChangeTime:      2026-02-05T09:04:49.647492500Z
+d2b0.92a8:     FileAttributes:  0x20
+d2b0.92a8:     Size:            0x267b80
+d2b0.92a8:     NT Headers:      0xe0
+d2b0.92a8:     Timestamp:       0xbafb00ad
+d2b0.92a8:     Machine:         0x8664 - amd64
+d2b0.92a8:     Timestamp:       0xbafb00ad
+d2b0.92a8:     Image Version:   10.0
+d2b0.92a8:     SizeOfImage:     0x268000 (2523136)
+d2b0.92a8:     Resource Dir:    0x1ec000 LB 0x7a108
+d2b0.92a8:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
+d2b0.92a8:     [Raw version resource data: 0x1ec0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
+d2b0.92a8:     ProductName:     Microsoft® Windows® Operating System
+d2b0.92a8:     ProductVersion:  10.0.26100.7705
+d2b0.92a8:     FileVersion:     10.0.26100.7705 (WinBuild.160101.0800)
+d2b0.92a8:     FileDescription: NT Layer DLL
+d2b0.92a8: \SystemRoot\System32\kernel32.dll:
+d2b0.92a8:     CreationTime:    2026-01-29T22:35:35.579009500Z
+d2b0.92a8:     LastWriteTime:   2026-01-29T22:35:35.662547000Z
+d2b0.92a8:     ChangeTime:      2026-02-05T09:04:44.827659200Z
+d2b0.92a8:     FileAttributes:  0x20
+d2b0.92a8:     Size:            0xcc218
+d2b0.92a8:     NT Headers:      0xf0
+d2b0.92a8:     Timestamp:       0x9db26d02
+d2b0.92a8:     Machine:         0x8664 - amd64
+d2b0.92a8:     Timestamp:       0x9db26d02
+d2b0.92a8:     Image Version:   10.0
+d2b0.92a8:     SizeOfImage:     0xc9000 (823296)
+d2b0.92a8:     Resource Dir:    0xc7000 LB 0x520
+d2b0.92a8:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
+d2b0.92a8:     [Raw version resource data: 0xc70b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
+d2b0.92a8:     ProductName:     Microsoft® Windows® Operating System
+d2b0.92a8:     ProductVersion:  10.0.26100.7705
+d2b0.92a8:     FileVersion:     10.0.26100.7705 (WinBuild.160101.0800)
+d2b0.92a8:     FileDescription: Windows NT BASE API Client DLL
+d2b0.92a8: \SystemRoot\System32\KernelBase.dll:
+d2b0.92a8:     CreationTime:    2026-01-29T22:35:35.618516400Z
+d2b0.92a8:     LastWriteTime:   2026-01-29T22:35:36.330801000Z
+d2b0.92a8:     ChangeTime:      2026-02-05T09:04:48.643602300Z
+d2b0.92a8:     FileAttributes:  0x20
+d2b0.92a8:     Size:            0x3f32c8
+d2b0.92a8:     NT Headers:      0x108
+d2b0.92a8:     Timestamp:       0xe31726d
+d2b0.92a8:     Machine:         0x8664 - amd64
+d2b0.92a8:     Timestamp:       0xe31726d
+d2b0.92a8:     Image Version:   10.0
+d2b0.92a8:     SizeOfImage:     0x3f1000 (4132864)
+d2b0.92a8:     Resource Dir:    0x3b7000 LB 0x548
+d2b0.92a8:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
+d2b0.92a8:     [Raw version resource data: 0x3b70b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
+d2b0.92a8:     ProductName:     Microsoft® Windows® Operating System
+d2b0.92a8:     ProductVersion:  10.0.26100.7705
+d2b0.92a8:     FileVersion:     10.0.26100.7705 (WinBuild.160101.0800)
+d2b0.92a8:     FileDescription: Windows NT BASE API Client DLL
+d2b0.92a8: \SystemRoot\System32\apisetschema.dll:
+d2b0.92a8:     CreationTime:    2026-01-29T22:35:25.488911500Z
+d2b0.92a8:     LastWriteTime:   2026-01-29T22:35:25.526592500Z
+d2b0.92a8:     ChangeTime:      2026-02-05T09:04:47.126881200Z
+d2b0.92a8:     FileAttributes:  0x20
+d2b0.92a8:     Size:            0x2f598
+d2b0.92a8:     NT Headers:      0xd8
+d2b0.92a8:     Timestamp:       0xd5983b53
+d2b0.92a8:     Machine:         0x8664 - amd64
+d2b0.92a8:     Timestamp:       0xd5983b53
+d2b0.92a8:     Image Version:   10.0
+d2b0.92a8:     SizeOfImage:     0x2e000 (188416)
+d2b0.92a8:     Resource Dir:    0x2d000 LB 0x408
+d2b0.92a8:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
+d2b0.92a8:     [Raw version resource data: 0x2d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
+d2b0.92a8:     ProductName:     Microsoft® Windows® Operating System
+d2b0.92a8:     ProductVersion:  10.0.26100.7705
+d2b0.92a8:     FileVersion:     10.0.26100.7705 (WinBuild.160101.0800)
+d2b0.92a8:     FileDescription: ApiSet Schema DLL
+d2b0.92a8: NtOpenDirectoryObject failed on \Driver: 0xc0000022
+d2b0.92a8: supR3HardenedWinFindAdversaries: 0x0
+d2b0.92a8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
+d2b0.92a8: Calling main()
+d2b0.92a8: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
+d2b0.92a8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
+d2b0.92a8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
+d2b0.92a8: SUPR3HardenedMain: Final process, opening VBoxDrv...
+d2b0.92a8: supR3HardenedEarlyCompact: Removed heap 1 (0x00023dd63a0000 LB 0x800000)
+d2b0.92a8: supR3HardNtEnableThreadCreationEx:
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9a50b0000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9a50b0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9a50b0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9a50b0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c2d50000 LB 0x000a9000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c11c0000 LB 0x00118000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c0fd0000 LB 0x00082000 C:\WINDOWS\System32\Wintrust.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c03f0000 LB 0x0014b000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ucrtbase.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c0270000 LB 0x00177000 C:\WINDOWS\System32\CRYPT32.dll [fFlags=0x0]
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-synch-l1-2-0'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-fibers-l1-1-1'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-2) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-2 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-fibers-l1-1-2'
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msasn1.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msasn1.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bf2b0000 LB 0x00013000 C:\WINDOWS\SYSTEM32\MSASN1.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0fd0000 'C:\WINDOWS\system32\Wintrust.dll'
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c31c0000 LB 0x000a6000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bfa90000 LB 0x0002a000 C:\WINDOWS\system32\bcrypt.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfa90000 'C:\WINDOWS\system32\bcrypt.dll'
+d2b0.92a8: bcrypt.dll loaded at 00007ff9bfa90000, BCryptOpenAlgorithmProvider at 00007ff9bfa99410, preloading providers:
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c0540000 LB 0x000a5000 C:\WINDOWS\System32\bcryptprimitives.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0540000 'C:\WINDOWS\system32\bcryptprimitives.dll'
+d2b0.92a8:     BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000023dd710e7f0)
+d2b0.92a8:     BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000023dd710f140)
+d2b0.92a8:     BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000023dd710f800)
+d2b0.92a8:     BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000023dd710fec0)
+d2b0.92a8:     BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000023dd7110580)
+d2b0.92a8:     BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000023dd7110c40)
+d2b0.92a8:     BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000023dd7111300)
+d2b0.92a8:     BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000023dd71119c0)
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptsp.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptsp.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bf180000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rsaenh.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9be8b0000 LB 0x00039000 C:\WINDOWS\system32\rsaenh.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bf1a0000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c10f0000 'C:\WINDOWS\System32\kernel32.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0fd0000 'C:\WINDOWS\System32\WINTRUST.DLL'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\CRYPT32.dll'
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c1c20000 LB 0x00020000 C:\WINDOWS\System32\imagehlp.dll [fFlags=0x0]
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imagehlp.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imagehlp.dll
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gpapi.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gpapi.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c0100000 LB 0x000a3000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0]
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c2e00000 LB 0x000f6000 C:\WINDOWS\System32\shcore.dll [fFlags=0x0]
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bef30000 LB 0x00031000 C:\WINDOWS\SYSTEM32\gpapi.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c10f0000 'C:\WINDOWS\System32\kernel32.dll'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-string-l1-1-0'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-localization-l1-2-1'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-datetime-l1-1-1'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-localization-obsolete-l1-2-0'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptnet.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptnet.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9b1050000 LB 0x0003b000 C:\Windows\System32\cryptnet.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b1050000 'C:\Windows\System32\cryptnet.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b1050000 'C:\Windows\System32\cryptnet.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b1050000 'C:\Windows\System32\cryptnet.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b1050000 'C:\Windows\System32\cryptnet.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b1050000 'C:\Windows\System32\cryptnet.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b1050000 'C:\Windows\System32\cryptnet.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b1050000 'C:\Windows\System32\cryptnet.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b1050000 'C:\Windows\System32\cryptnet.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b1050000 'C:\Windows\System32\cryptnet.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b1050000 'C:\Windows\System32\cryptnet.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b1050000 'C:\Windows\System32\cryptnet.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b1050000 'C:\Windows\System32\cryptnet.dll'
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bfac0000 LB 0x00029000 C:\WINDOWS\SYSTEM32\profapi.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c3100000 LB 0x000b4000 C:\WINDOWS\System32\advapi32.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AFEA668CBFCB723FF8C1FE923A5AF693DA02631B
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c11c0000 'C:\WINDOWS\System32\rpcrt4.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Kernel-Package-Ntdll-Package~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\SystemRoot\System32\ntdll.dll'
+d2b0.92a8: g_pfnWinVerifyTrust=00007ff9c0fdb400
+d2b0.92a8: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wintrust.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\profapi.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gpapi.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imagehlp.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptbase.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptsp.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sechost.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\KernelBase.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\system32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xf9058f62226fd6dc CN=AutoHotkey
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xf7ec648dcb5d500 CN=Razer Chroma SDK Local Cert, OU=Chroma, O=Razer Inc
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x670683072a91b300 C=US, O=Microsoft Corporation, CN=Microsoft Identity Verification Root Certificate Authority 2020
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x3d993fde1950a700 C=US, O=IdenTrust, CN=IdenTrust Commercial Root CA 1
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xbbde687390e6bf00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xc6536f24d57ae723 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x2404221294e78d00 C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing Root R46
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x3714f47324e8ad00 C=US, O=Internet Security Research Group, CN=ISRG Root X1
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xcb7d2ba3dd0ff900 C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority RSA
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xd8755236d5be9300 C=GB, O=Sectigo Limited, CN=Sectigo Public Server Authentication Root R46
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x9d1179c9f4d0b300 C=US, O=DigiCert, Inc., CN=DigiCert TLS RSA4096 Root G5
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x4ef92ac43a0cd500 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xf966ca73e8079500 OU=GlobalSign Root CA - R6, O=GlobalSign, CN=GlobalSign
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xbebef0d2217f0bfb C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x298c3394be5bca00 C=US, O=Microsoft Corporation, CN=Microsoft RSA Root Certificate Authority 2017
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xa4031c19392e9f0e OU=GlobalSign ECC Root CA - R4, O=GlobalSign, CN=GlobalSign
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xb352b1523915d000 C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x362d8807333b600 C=US, O=DigiCert, Inc., CN=DigiCert CS RSA4096 Root G5
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xe87add30c52db600 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Code Signing Root R45
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xf14e20830740c3ef C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com EV Root Certification Authority ECC
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xd407c1f75ec7d700 C=NO, O=Buypass AS-983163327, CN=Buypass Class 2 Root CA
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x665f55ebd06ce27b C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - EC1
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xb9ff821d139e9bf OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
+d2b0.92a8: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
+d2b0.92a8: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=60
+d2b0.92a8: SUPR3HardenedMain: Load Runtime...
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'mpr.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'vcruntime140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'msvcp140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'ws2_32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vcruntime140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vcruntime140_1.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp140.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp140.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vcruntime140.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vcruntime140.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll [redoing WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mpr.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mpr.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff99e830000 LB 0x00021000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9b1750000 LB 0x0001e000 C:\WINDOWS\SYSTEM32\VCRUNTIME140.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9b1770000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\VCRUNTIME140_1.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9b1200000 LB 0x00088000 C:\WINDOWS\SYSTEM32\MSVCP140.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c1aa0000 LB 0x00074000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff8c2d90000 LB 0x00750000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8c2d90000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0fd0000 'C:\WINDOWS\system32\Wintrust.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\system32\crypt32.dll'
+d2b0.92a8: SUPR3HardenedMain: Load TrustedMain...
+d2b0.d4d0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-appmodel-runtime-l1-1-2) -> 0x0, fPresent=1
+d2b0.d4d0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-appmodel-runtime-l1-1-2 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.d4d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcrt.dll'.
+d2b0.d4d0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll)
+d2b0.d4d0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll
+d2b0.d4d0: supR3HardenedDllNotificationCallback: load   00007ff9be950000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\kernel.appcore.dll [fFlags=0x0]
+d2b0.d4d0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll [avoiding WinVerifyTrust]
+d2b0.d4d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be950000 'api-ms-win-appmodel-runtime-l1-1-2'
+d2b0.d4d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.d4d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.d4d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
+d2b0.d4d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.d4d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.d4d0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'uicommon.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt6corevbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt6guivbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt6widgetsvbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ole32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'oleaut32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'winmm.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'vboxrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'vcruntime140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'msvcp140.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'combase.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'win32u.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\win32u.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\win32u.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6widgetsvbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6widgetsvbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'dwmapi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uxtheme.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt6guivbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt6corevbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcp140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'vcruntime140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'vcruntime140_1.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6WidgetsVBox.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6WidgetsVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6guivbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6guivbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vcruntime140.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6corevbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6corevbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6CoreVBox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mpr.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'userenv.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'authz.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'netapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ole32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'shell32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'version.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'winmm.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ws2_32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msvcp140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'msvcp140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'vcruntime140.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6CoreVBox.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6CoreVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6guivbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6guivbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6GuiVBox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'd3d11.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'dxgi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'd3d12.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'shell32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'uxtheme.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwrite.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt6corevbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcp140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msvcp140_2.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'vcruntime140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'vcruntime140_1.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6GuiVBox.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6GuiVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=22900 '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'user32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'win32u.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dwmapi.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140_2.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140_2.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vcruntime140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vcruntime140_1.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6corevbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6corevbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6CoreVBox.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwrite.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwrite.dll' -> '\Device\HarddiskVolume3\Windows\System32\dwrite.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=22900 '\Device\HarddiskVolume3\Windows\System32\DWrite.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'msvcp_win.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\DWrite.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DWrite.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (22900) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #70 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #72 'gdi32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d12.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d12.dll' -> '\Device\HarddiskVolume3\Windows\System32\d3d12.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\D3D12.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\D3D12.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\D3D12.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\dxgi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'win32u.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dxgi.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dxgi.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume3\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\d3d11.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'dxgi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'win32u.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\d3d11.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\d3d11.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume3\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\version.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\version.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\version.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netapi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'netapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\netapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\netapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\netapi32.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\netapi32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'authz.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'authz.dll' -> '\Device\HarddiskVolume3\Windows\System32\authz.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=22900 '\Device\HarddiskVolume3\Windows\System32\authz.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\authz.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\authz.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume3\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\userenv.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\userenv.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\userenv.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'd3d11.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'dxgi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'd3d12.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'shell32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'uxtheme.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwrite.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt6corevbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcp140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msvcp140_2.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'vcruntime140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'vcruntime140_1.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6GuiVBox.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6corevbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6corevbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6CoreVBox.dll [redoing WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140_2.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140_2.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6corevbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6corevbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6CoreVBox.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwrite.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwrite.dll' -> '\Device\HarddiskVolume3\Windows\System32\dwrite.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (22900) on \Device\HarddiskVolume3\Windows\System32\DWrite.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (22900) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d12.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d12.dll' -> '\Device\HarddiskVolume3\Windows\System32\d3d12.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\D3D12.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume3\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6CoreVBox.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt6corevbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt6guivbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt6widgetsvbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt6helpvbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt6statemachinevbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ole32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'oleaut32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'vboxrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'vcruntime140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'vcruntime140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'msvcp140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'advapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\user32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6statemachinevbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6statemachinevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6statemachinevbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt6guivbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt6corevbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vcruntime140.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6StateMachineVBox.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6StateMachineVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6helpvbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6helpvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6helpvbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6corevbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6corevbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6CoreVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6guivbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6guivbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6GuiVBox.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt6sqlvbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt6widgetsvbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt6guivbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt6corevbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcp140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'vcruntime140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'vcruntime140_1.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6HelpVBox.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6HelpVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6widgetsvbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6widgetsvbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6WidgetsVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6guivbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6guivbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6GuiVBox.dll [redoing WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6corevbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6corevbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6CoreVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6guivbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6guivbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6GuiVBox.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6widgetsvbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6widgetsvbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6WidgetsVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6sqlvbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6sqlvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6sqlvbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt6corevbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vcruntime140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vcruntime140_1.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6corevbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6corevbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6CoreVBox.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6GuiVBox.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6corevbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6corevbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6CoreVBox.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6CoreVBox.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6GuiVBox.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6WidgetsVBox.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6HelpVBox.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6StateMachineVBox.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (22900) on \Device\HarddiskVolume3\Windows\System32\authz.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\netapi32.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\D3D12.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (22900) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (22900) on \Device\HarddiskVolume3\Windows\System32\DWrite.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\powrprof.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\powrprof.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\srvcli.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\srvcli.dll
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\netutils.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\netutils.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bef70000 LB 0x0002b000 C:\WINDOWS\SYSTEM32\USERENV.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9be3a0000 LB 0x00050000 C:\WINDOWS\SYSTEM32\AUTHZ.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (22900) on \Device\HarddiskVolume3\Windows\System32\authz.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff999920000 LB 0x0001a000 C:\WINDOWS\SYSTEM32\NETAPI32.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\netapi32.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bfba0000 LB 0x00027000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c26b0000 LB 0x001c6000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bffd0000 LB 0x0012b000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'win32u.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32full.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32full.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c2990000 LB 0x0002b000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c29c0000 LB 0x00386000 C:\WINDOWS\System32\combase.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c1340000 LB 0x00197000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c05f0000 LB 0x0016a000 C:\WINDOWS\System32\wintypes.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinTypes.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinTypes.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c1e30000 LB 0x00751000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9b1710000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\VERSION.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9adb10000 LB 0x00035000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9a1060000 LB 0x00009000 C:\WINDOWS\SYSTEM32\MSVCP140_1.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9b07d0000 LB 0x00029000 C:\WINDOWS\SYSTEM32\SRVCLI.DLL [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\srvcli.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9be2b0000 LB 0x0000d000 C:\WINDOWS\SYSTEM32\NETUTILS.DLL [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\netutils.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff8d86d0000 LB 0x005c3000 C:\Program Files\Oracle\VirtualBox\Qt6CoreVBox.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bfa00000 LB 0x0005e000 C:\WINDOWS\SYSTEM32\powrprof.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\powrprof.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bda60000 LB 0x0013c000 C:\WINDOWS\SYSTEM32\dxgi.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bd7f0000 LB 0x00262000 C:\WINDOWS\SYSTEM32\d3d11.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9931a0000 LB 0x00023000 C:\WINDOWS\SYSTEM32\d3d12.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\D3D12.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bd120000 LB 0x000ab000 C:\WINDOWS\SYSTEM32\UxTheme.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (22900) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bce30000 LB 0x00267000 C:\WINDOWS\SYSTEM32\DWrite.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (22900) on \Device\HarddiskVolume3\Windows\System32\DWrite.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff99ccd0000 LB 0x00044000 C:\WINDOWS\SYSTEM32\MSVCP140_2.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff8d7e40000 LB 0x0088e000 C:\Program Files\Oracle\VirtualBox\Qt6GuiVBox.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6GuiVBox.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bd690000 LB 0x00031000 C:\WINDOWS\SYSTEM32\dwmapi.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff8d6830000 LB 0x0062a000 C:\Program Files\Oracle\VirtualBox\Qt6WidgetsVBox.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6WidgetsVBox.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff99c5b0000 LB 0x0004d000 C:\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff93a6f0000 LB 0x00092000 C:\Program Files\Oracle\VirtualBox\Qt6HelpVBox.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6HelpVBox.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff99ca20000 LB 0x00055000 C:\Program Files\Oracle\VirtualBox\Qt6StateMachineVBox.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6StateMachineVBox.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c1b40000 LB 0x000d7000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff8b2de0000 LB 0x01b5a000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff8e3160000 LB 0x0014e000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'win32u.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll
+d2b0.92a8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 000000000000062c (hFile=0000000000000458) with 0xc0000022 -> STATUS_TRUST_FAILURE
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\netutils.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\netutils.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\srvcli.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\srvcli.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\userenv.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\userenv.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=22900 '\Device\HarddiskVolume3\Windows\System32\authz.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\authz.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\netapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\netapi32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\version.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\version.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\d3d11.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\d3d11.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\dxgi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\dxgi.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\D3D12.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\D3D12.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=22900 '\Device\HarddiskVolume3\Windows\System32\DWrite.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DWrite.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=22900 '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [redoing WinVerifyTrust]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\imm32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
+d2b0.92a8: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [redoing WinVerifyTrust]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
+d2b0.92a8: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\combase.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
+d2b0.92a8: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
+d2b0.92a8: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\gdi32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c1060000 LB 0x00031000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c1060000 'C:\WINDOWS\system32\IMM32.DLL'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\netutils.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\netutils.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\srvcli.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\srvcli.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\userenv.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\userenv.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=22900 '\Device\HarddiskVolume3\Windows\System32\authz.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\authz.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\netapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\netapi32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\version.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\version.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\d3d11.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\d3d11.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\dxgi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\dxgi.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\D3D12.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\D3D12.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=22900 '\Device\HarddiskVolume3\Windows\System32\DWrite.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DWrite.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=22900 '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\umpdc.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\umpdc.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bf9e0000 LB 0x00014000 C:\WINDOWS\SYSTEM32\UMPDC.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\umpdc.dll [avoiding WinVerifyTrust]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\netutils.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\netutils.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\srvcli.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\srvcli.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\userenv.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\userenv.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=22900 '\Device\HarddiskVolume3\Windows\System32\authz.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\authz.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\netapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\netapi32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\version.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\version.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\d3d11.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\d3d11.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\dxgi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\dxgi.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\D3D12.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\D3D12.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=22900 '\Device\HarddiskVolume3\Windows\System32\DWrite.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DWrite.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=22900 '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\gdi32.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c2990000 'C:\WINDOWS\System32\gdi32.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\netutils.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\netutils.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\srvcli.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\srvcli.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\userenv.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\userenv.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=22900 '\Device\HarddiskVolume3\Windows\System32\authz.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\authz.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\netapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\netapi32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\version.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\version.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\d3d11.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\d3d11.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\dxgi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\dxgi.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\D3D12.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\D3D12.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=22900 '\Device\HarddiskVolume3\Windows\System32\DWrite.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DWrite.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=22900 '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8e3160000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\netutils.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\srvcli.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6SqlVBox.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\userenv.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000604 pwszName=\Device\HarddiskVolume3\Windows\System32\authz.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=51B46F72ECEFBDA9DE45D4C22CEFAFDC247D55B2
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-CoreSystem-Core-merged-Package~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\authz.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\authz.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\netapi32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\version.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\d3d11.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dxgi.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\D3D12.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005cc pwszName=\Device\HarddiskVolume3\Windows\System32\DWrite.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F6BE6A39F0757EBBF5A7EAB6FF2038B655EF0DB9
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-Graphics-DirectX-Package~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\DWrite.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\DWrite.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcp140_2.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c0 pwszName=\Device\HarddiskVolume3\Windows\System32\uxtheme.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D7BA4446D2EE37447EB07372719C7E12FE441B3E
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04112~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcp140_1.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\combase.dll'
+d2b0.92a8: SUPR3HardenedMain: Calling TrustedMain (00007ff8e31619c0)...
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c0760000 LB 0x00862000 C:\WINDOWS\System32\windows.storage.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\windows.storage.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\windows.storage.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c1a30000 LB 0x00067000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'windows.storage.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'windows.storage.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'windows.storage.dll' -> '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\windows.storage.dll [lacks WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'advapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'dwmapi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'setupapi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'shell32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'shlwapi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'winmm.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'wtsapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'comdlg32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'd3d9.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'uiautomationcore.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'qt6guivbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'qt6corevbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'msvcp140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'vcruntime140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'vcruntime140_1.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindowsVBox.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindowsVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6corevbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6corevbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6guivbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6guivbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6GuiVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uiautomationcore.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'uiautomationcore.dll' -> '\Device\HarddiskVolume3\Windows\System32\uiautomationcore.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000540 pwszName=\Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CFA44018B39494AC3B200B335C283288B7D8FEBB
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Runlevel-Win4-merged-Package~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d9.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d9.dll' -> '\Device\HarddiskVolume3\Windows\System32\d3d9.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'win32u.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'dwmapi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'version.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\d3d9.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\d3d9.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000470 pwszName=\Device\HarddiskVolume3\Windows\System32\comdlg32.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=184448C3621E89AC9E5A49E3BFA75126C1022D8D
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume3\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\comdlg32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #61 'shlwapi.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #62 'gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #63 'comctl32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #64 'shell32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\comdlg32.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wtsapi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'wtsapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\wtsapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\comctl32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\comctl32.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comctl32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'sspicli.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'crypt32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wtsapi32.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wtsapi32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sspicli.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'sspicli.dll' -> '\Device\HarddiskVolume3\Windows\System32\sspicli.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\sspicli.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sspicli.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sspicli.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\setupapi.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\setupapi.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindowsVBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindowsVBox.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wtsapi32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.26100.7309_none_87ef0e2f7a2c9771\comctl32.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.26100.7309_none_87ef0e2f7a2c9771\comctl32.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d9.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sspicli.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'win32u.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DXCore.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DXCore.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c14e0000 LB 0x00489000 C:\WINDOWS\System32\SETUPAPI.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bebf0000 LB 0x00049000 C:\WINDOWS\SYSTEM32\SspiCli.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sspicli.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bc790000 LB 0x0002a000 C:\WINDOWS\SYSTEM32\WTSAPI32.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wtsapi32.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9a76e0000 LB 0x000b4000 C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.26100.7309_none_87ef0e2f7a2c9771\COMCTL32.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.26100.7309_none_87ef0e2f7a2c9771\comctl32.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c25a0000 LB 0x000ef000 C:\WINDOWS\System32\COMDLG32.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bd520000 LB 0x00044000 C:\WINDOWS\SYSTEM32\dxcore.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DXCore.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9a4c60000 LB 0x001b3000 C:\WINDOWS\SYSTEM32\d3d9.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d9.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9a4830000 LB 0x00421000 C:\WINDOWS\SYSTEM32\UIAutomationCore.DLL [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff8f0160000 LB 0x000db000 C:\Program Files\Oracle\VirtualBox\platforms\qwindowsVBox.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindowsVBox.dll
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.26100.7309_none_87ef0e2f7a2c9771\comctl32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.26100.7309_none_87ef0e2f7a2c9771\comctl32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\sspicli.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\sspicli.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\comctl32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\comctl32.dll' [rescheduled]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c1060000 'C:\WINDOWS\System32\imm32.dll'
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.26100.7309_none_87ef0e2f7a2c9771\comctl32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.26100.7309_none_87ef0e2f7a2c9771\comctl32.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\sspicli.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\sspicli.dll' [rescheduled]
+d2b0.92a8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\comctl32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\comctl32.dll' [rescheduled]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8f0160000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindowsVBox.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.26100.7309_none_87ef0e2f7a2c9771\comctl32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sspicli.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\comctl32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'bcryptprimitives.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #53 'combase.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #54 'msvcp_win.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\rpcss.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcss.dll
+d2b0.92a8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000004c4 (hFile=000000000000049c) with 0xc0000022 -> STATUS_TRUST_FAILURE
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000634 pwszName=\Device\HarddiskVolume3\Windows\System32\rpcss.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4CA8606EF2ACA40CB22FD85B965D9F03BA15F5CD
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-CoreSystem-Core-merged-Package~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\rpcss.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcss.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bd120000 'C:\WINDOWS\system32\uxtheme.dll'
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c2f90000 LB 0x0015f000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msctf.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c26b0000 'C:\WINDOWS\System32\USER32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'cfgmgr32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DEVOBJ.dll (Input=DEVOBJ.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bf710000 LB 0x00057000 C:\WINDOWS\SYSTEM32\cfgmgr32.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bf6e0000 LB 0x0002d000 C:\WINDOWS\System32\DEVOBJ.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bf6e0000 'C:\WINDOWS\System32\DEVOBJ.dll'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-registry-l1-1-0.dll) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-registry-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-registry-l1-1-0.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.dll (Input=WINTRUST.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0fd0000 'C:\WINDOWS\System32\WINTRUST.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'uxtheme.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt6widgetsvbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt6guivbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt6corevbox.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp140.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'vcruntime140.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\styles\qmodernwindowsstyleVBox.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\styles\qmodernwindowsstyleVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6corevbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6corevbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6guivbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6guivbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6GuiVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt6widgetsvbox.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt6widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt6widgetsvbox.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt6WidgetsVBox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\styles\qmodernwindowsstyleVBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\styles\qmodernwindowsstyleVBox.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff99c4e0000 LB 0x00036000 C:\Program Files\Oracle\VirtualBox\styles\qmodernwindowsstyleVBox.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\styles\qmodernwindowsstyleVBox.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff99c4e0000 'C:\Program Files\Oracle\VirtualBox\styles\qmodernwindowsstyleVBox.dll'
+d2b0.92a8: '\Device\HarddiskVolume3\Windows\System32\imageres.dll' has no imports
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\imageres.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imageres.dll
+d2b0.92a8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 000000000000085c (hFile=0000000000000804) with 0xc0000022 -> STATUS_TRUST_FAILURE
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (22900) on \Device\HarddiskVolume3\Windows\System32\imageres.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000804 (hFile=000000000000085c) with 0xc0000022 -> STATUS_TRUST_FAILURE
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (22900) on \Device\HarddiskVolume3\Windows\System32\imageres.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 000000000000085c (hFile=0000000000000804) with 0xc0000022 -> STATUS_TRUST_FAILURE
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (22900) on \Device\HarddiskVolume3\Windows\System32\imageres.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000804 (hFile=000000000000085c) with 0xc0000022 -> STATUS_TRUST_FAILURE
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000818 pwszName=\Device\HarddiskVolume3\Windows\System32\imageres.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0EE2082FDAB9E64FDEB5A51961DE49D30EFA3625
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package02~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\imageres.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imageres.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000087c pwszName=\Device\HarddiskVolume3\Windows\System32\IconCodecService.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6A94C939C9629E54D59EAB8EB41ACFCDF775AA8B
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0418~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\IconCodecService.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\IconCodecService.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\IconCodecService.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IconCodecService.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IconCodecService.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff997820000 LB 0x0000b000 C:\WINDOWS\system32\IconCodecService.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IconCodecService.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff997820000 'C:\WINDOWS\system32\IconCodecService.dll'
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WindowsCodecs.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WindowsCodecs.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bba20000 LB 0x0022f000 C:\WINDOWS\SYSTEM32\WindowsCodecs.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WindowsCodecs.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imageres.dll
+d2b0.92a8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 000000000000085c (hFile=0000000000000804) with 0xc0000022 -> STATUS_TRUST_FAILURE
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imageres.dll
+d2b0.92a8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000804 (hFile=000000000000085c) with 0xc0000022 -> STATUS_TRUST_FAILURE
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imageres.dll
+d2b0.92a8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 000000000000085c (hFile=0000000000000804) with 0xc0000022 -> STATUS_TRUST_FAILURE
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imageres.dll
+d2b0.92a8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000890 (hFile=00000000000008a0) with 0xc0000022 -> STATUS_TRUST_FAILURE
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9c1970000 LB 0x000b0000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcss.dll
+d2b0.92a8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000008c8 (hFile=00000000000008bc) with 0xc0000022 -> STATUS_TRUST_FAILURE
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.892c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\clbcatq.dll'
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.892c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\WindowsCodecs.dll'
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.892c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'advapi32.dll'.
+d2b0.892c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'ole32.dll'.
+d2b0.892c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'oleaut32.dll'.
+d2b0.892c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'vcruntime140.dll'.
+d2b0.892c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'vcruntime140_1.dll'.
+d2b0.892c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'msvcp140.dll'.
+d2b0.892c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'vboxrt.dll'.
+d2b0.892c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
+d2b0.892c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
+d2b0.892c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
+d2b0.892c: supR3HardenedDllNotificationCallback: load   00007ff8d7a20000 LB 0x0041c000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
+d2b0.892c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8d7a20000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.892c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
+d2b0.892c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'shlwapi.dll'.
+d2b0.892c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
+d2b0.892c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
+d2b0.892c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
+d2b0.892c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'vcruntime140.dll'.
+d2b0.892c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'vboxrt.dll'.
+d2b0.892c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
+d2b0.892c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
+d2b0.892c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.892c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
+d2b0.892c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
+d2b0.892c: supR3HardenedDllNotificationCallback: load   00007ff8ebbd0000 LB 0x000e7000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
+d2b0.892c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8ebbd0000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
+d2b0.892c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c1b40000 'C:\Windows\System32\oleaut32.dll'
+d2b0.cd44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.cd44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.cd44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
+d2b0.cd44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'vcruntime140.dll'.
+d2b0.cd44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'vcruntime140_1.dll'.
+d2b0.cd44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
+d2b0.cd44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
+d2b0.cd44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.cd44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.cd44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.cd44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.cd44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
+d2b0.cd44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
+d2b0.cd44: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.cd44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
+d2b0.cd44: supR3HardenedDllNotificationCallback: load   00007ff8ddc30000 LB 0x005b4000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
+d2b0.cd44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
+d2b0.cd44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8ddc30000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
+d2b0.92a8: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdumdim64.dll: Signature #1/2: VERR_CR_X509_CPV_NOT_VALID_AT_TIME for 0x62d66630; retrying against current time: 0x6985810f.
+d2b0.92a8: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdumdim64.dll: Signature #1/2: VERR_CR_X509_CPV_NOT_VALID_AT_TIME (-23033) w/ timestamp=0x6985810f/now.
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b1050000 'C:\WINDOWS\System32\cryptnet.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdumdim64.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdumdim64.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdumdim64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdumdim64.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff8d6680000 LB 0x001af000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdumdim64.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdumdim64.dll
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-synch-l1-2-0'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c10f0000 'C:\WINDOWS\System32\kernel32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8d6680000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdumdim64.dll'
+d2b0.92a8: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll: Signature #1/2: VERR_CR_X509_CPV_NOT_VALID_AT_TIME for 0x62d66571; retrying against current time: 0x6985810f.
+d2b0.92a8: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll: Signature #1/2: VERR_CR_X509_CPV_NOT_VALID_AT_TIME (-23033) w/ timestamp=0x6985810f/now.
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff8afd30000 LB 0x030a3000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-synch-l1-2-0'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c10f0000 'C:\WINDOWS\System32\kernel32.dll'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-string-l1-1-0'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-localization-l1-2-1'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-datetime-l1-1-1'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-localization-obsolete-l1-2-0'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8afd30000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll'
+d2b0.92a8: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll: Signature #1/2: VERR_CR_X509_CPV_NOT_VALID_AT_TIME for 0x62d66498; retrying against current time: 0x69858110.
+d2b0.92a8: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll: Signature #1/2: VERR_CR_X509_CPV_NOT_VALID_AT_TIME (-23033) w/ timestamp=0x69858110/now.
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9b8490000 LB 0x00409000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-synch-l1-2-0'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c10f0000 'C:\WINDOWS\System32\kernel32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b8490000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll'
+d2b0.92a8: supR3HardenedDllNotificationCallback: Unload 00007ff8afd30000 LB 0x030a3000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll [flags=0x0]
+d2b0.92a8: supR3HardenedDllNotificationCallback: Unload 00007ff9b8490000 LB 0x00409000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll [flags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff8afd30000 LB 0x030a3000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-synch-l1-2-0'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c10f0000 'C:\WINDOWS\System32\kernel32.dll'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-string-l1-1-0'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-localization-l1-2-1'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-datetime-l1-1-1'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-localization-obsolete-l1-2-0'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8afd30000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9b8490000 LB 0x00409000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-synch-l1-2-0'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c10f0000 'C:\WINDOWS\System32\kernel32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b8490000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcp_win.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\directxdatabasehelper.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\directxdatabasehelper.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9ba990000 LB 0x00063000 C:\WINDOWS\SYSTEM32\directxdatabasehelper.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\directxdatabasehelper.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\directxdatabasehelper.dll'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-core-resourcepolicy-l1-1-0.dll) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-core-resourcepolicy-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bdc20000 LB 0x00014000 C:\WINDOWS\SYSTEM32\resourcepolicyclient.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bdc20000 'ext-ms-win-core-resourcepolicy-l1-1-0.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll'
+d2b0.92a8: supR3HardenedDllNotificationCallback: Unload 00007ff9bdc20000 LB 0x00014000 C:\WINDOWS\SYSTEM32\resourcepolicyclient.dll [flags=0x0]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c2990000 'C:\WINDOWS\System32\gdi32.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DXCore.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\dxcore.dll (Input=dxcore.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bd520000 'C:\WINDOWS\System32\dxcore.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c32c0000 'C:\WINDOWS\System32\ntdll.dll'
+d2b0.92a8: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll: Signature #2/3: VERR_CR_X509_CPV_NOT_VALID_AT_TIME for 0x68756a57; retrying against current time: 0x69858110.
+d2b0.92a8: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll: Signature #2/3: VERR_CR_X509_CPV_NOT_VALID_AT_TIME (-23033) w/ timestamp=0x69858110/now.
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'version.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume3\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff99cd30000 LB 0x0003a000 C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-synch-l1-2-0'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-fibers-l1-1-1'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-synch-l1-2-0'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c10f0000 'C:\WINDOWS\System32\kernel32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff99cd30000 'C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll'
+d2b0.92a8: supR3HardenedDllNotificationCallback: Unload 00007ff99cd30000 LB 0x0003a000 C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll [flags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff99cd30000 LB 0x0003a000 C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-synch-l1-2-0'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-fibers-l1-1-1'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-synch-l1-2-0'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c10f0000 'C:\WINDOWS\System32\kernel32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff99cd30000 'C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll'
+d2b0.92a8: supR3HardenedDllNotificationCallback: Unload 00007ff8afd30000 LB 0x030a3000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd9dxva64.dll [flags=0x0]
+d2b0.92a8: supR3HardenedDllNotificationCallback: Unload 00007ff9b8490000 LB 0x00409000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdgmm64.dll [flags=0x0]
+d2b0.92a8: supR3HardenedDllNotificationCallback: Unload 00007ff8d6680000 LB 0x001af000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdumdim64.dll [flags=0x0]
+d2b0.98ac: supR3HardenedDllNotificationCallback: Unload 00007ff99cd30000 LB 0x0003a000 C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_644227a2301004cb\nvdlistx.dll [flags=0x0]
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000cb8 pwszName=\Device\HarddiskVolume3\Windows\System32\DataExchange.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7CB65CD114ED7E0BA34D61E8D0CAFF90164AA1E9
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package041120~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\DataExchange.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'msvcp_win.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DataExchange.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9876a0000 LB 0x0005a000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9876a0000 'C:\WINDOWS\system32\dataexchange.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'combase.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'msvcp_win.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9b31e0000 LB 0x00244000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'oleaut32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9aa780000 LB 0x00149000 C:\WINDOWS\SYSTEM32\textinputframework.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'msvcp_win.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9bc2f0000 LB 0x00127000 C:\WINDOWS\SYSTEM32\CoreMessaging.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-security-sddl-l1-1-0.dll) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-security-sddl-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c31c0000 'api-ms-win-security-sddl-l1-1-0.dll'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c26b0000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c26b0000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'coremessaging.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll)
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9b9b10000 LB 0x002e2000 C:\WINDOWS\SYSTEM32\CoreUIComponents.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c11c0000 'C:\WINDOWS\System32\RPCRT4.dll'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-security-systemfunctions-l1-1-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-security-systemfunctions-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c3100000 'api-ms-win-security-systemfunctions-l1-1-0'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c2f90000 'C:\WINDOWS\System32\MSCTF.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dac pwszName=\Device\HarddiskVolume3\Windows\System32\oleacc.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=588366F87B41B668036615AF174C94016D642112
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04111~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\oleacc.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleacc.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleacc.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleacc.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9a8310000 LB 0x00079000 C:\WINDOWS\system32\Oleacc.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleacc.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9a8310000 'C:\WINDOWS\system32\Oleacc.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c1b40000 'C:\WINDOWS\System32\OLEAUT32.DLL'
+d2b0.892c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\SYSTEM32\UIAutomationCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
+d2b0.892c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9a4830000 'C:\WINDOWS\SYSTEM32\UIAutomationCore.dll'
+d2b0.892c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sxs.dll)
+d2b0.892c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sxs.dll
+d2b0.892c: supR3HardenedDllNotificationCallback: load   00007ff9bf910000 LB 0x000a2000 C:\WINDOWS\SYSTEM32\sxs.dll [fFlags=0x0]
+d2b0.892c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sxs.dll [avoiding WinVerifyTrust]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sxs.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleacc.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9a8310000 'C:\Windows\System32\oleacc.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c3100000 'C:\WINDOWS\System32\ADVAPI32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c1340000 'C:\WINDOWS\System32\ole32.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c1b40000 'C:\WINDOWS\System32\OLEAUT32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e4c pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=42933EDAB98A095DF8CCB1CA23B4E426D86D185D
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0012~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'wbemcomn.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e1c pwszName=\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D426E85079FCA542424F0B81142ADF724CE27AFE
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0012~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9a7410000 LB 0x0007a000 C:\WINDOWS\SYSTEM32\wbemcomn.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9a7490000 LB 0x00012000 C:\WINDOWS\system32\wbem\wbemprox.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9a7490000 'C:\WINDOWS\system32\wbem\wbemprox.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000de0 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=490A1D302A1165545245C53953558246F0CFC4CB
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0012~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9a64a0000 LB 0x00015000 C:\WINDOWS\system32\wbem\wbemsvc.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9a64a0000 'C:\WINDOWS\system32\wbem\wbemsvc.dll'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-localization-l1-2-0.dll'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e7c pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1E7C377968D4D3581D4A673F337762C604A33880
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0012~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'wbemcomn.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff9a64c0000 LB 0x000f1000 C:\WINDOWS\system32\wbem\fastprox.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9a64c0000 'C:\WINDOWS\system32\wbem\fastprox.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000edc pwszName=\Device\HarddiskVolume3\Windows\System32\amsi.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=184D676080373693A88754BAB4C700D01D774483
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\amsi.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\amsi.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\amsi.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\amsi.dll (Input=amsi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\amsi.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff99f0f0000 LB 0x0001d000 C:\WINDOWS\System32\amsi.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\amsi.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff99f0f0000 'C:\WINDOWS\System32\amsi.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpOAV.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpOAV.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpOav.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpOAV.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff99eb40000 LB 0x000a2000 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpOav.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpOAV.dll
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-synch-l1-2-0'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-fibers-l1-1-1'
+d2b0.92a8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-2) -> 0x0, fPresent=1
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-2 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9bfbd0000 'api-ms-win-core-fibers-l1-1-2'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c10f0000 'C:\WINDOWS\System32\kernel32.dll'
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\version.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b1710000 'C:\WINDOWS\system32\version.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff99eb40000 'C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpOav.dll'
+d2b0.73a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c1340000 'C:\WINDOWS\system32\ole32.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c1340000 'C:\WINDOWS\system32\ole32.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.a3ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.a3ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
+d2b0.a3ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.a3ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.a3ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
+d2b0.a3ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
+d2b0.a3ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
+d2b0.a3ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
+d2b0.a3ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'vcruntime140.dll'.
+d2b0.a3ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'vcruntime140_1.dll'.
+d2b0.a3ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcp140.dll'.
+d2b0.a3ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
+d2b0.a3ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
+d2b0.a3ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.a3ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.a3ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll
+d2b0.a3ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.a3ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.a3ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.a3ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.a3ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
+d2b0.a3ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
+d2b0.a3ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
+d2b0.a3ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
+d2b0.a3ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
+d2b0.a3ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.a3ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.a3ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
+d2b0.a3ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
+d2b0.a3ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.a3ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
+d2b0.a3ac: supR3HardenedDllNotificationCallback: load   00007ff996ad0000 LB 0x00022000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
+d2b0.a3ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
+d2b0.a3ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff996ad0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
+d2b0.8558: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.8558: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.8558: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
+d2b0.8558: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vcruntime140.dll'.
+d2b0.8558: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vcruntime140_1.dll'.
+d2b0.8558: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcp140.dll'.
+d2b0.8558: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
+d2b0.8558: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
+d2b0.8558: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.8558: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.8558: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.8558: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.8558: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll
+d2b0.8558: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.8558: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.8558: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
+d2b0.8558: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
+d2b0.8558: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.8558: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
+d2b0.8558: supR3HardenedDllNotificationCallback: load   00007ff9a50a0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
+d2b0.8558: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
+d2b0.8558: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9a50a0000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
+d2b0.dd4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c1e30000 'C:\WINDOWS\system32\Shell32.dll'
+d2b0.dd4c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000102c pwszName=\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
+d2b0.dd4c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.dd4c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.dd4c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DA05BE3F0407A730926917FA50A1A2B090121292
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.dd4c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~amd64~~10.0.26100.7623.cat'; file='\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll'
+d2b0.dd4c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'devobj.dll'.
+d2b0.dd4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll) WinVerifyTrust
+d2b0.dd4c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\WinHvPlatform.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.dd4c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
+d2b0.dd4c: supR3HardenedDllNotificationCallback: load   00007ff939150000 LB 0x00060000 C:\WINDOWS\system32\WinHvPlatform.dll [fFlags=0x0]
+d2b0.dd4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff939150000 'C:\WINDOWS\system32\WinHvPlatform.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.dd4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\vid.dll) WinVerifyTrust
+d2b0.dd4c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\vid.dll
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\vid.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.dd4c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vid.dll
+d2b0.dd4c: supR3HardenedDllNotificationCallback: load   00007ff9996c0000 LB 0x0003e000 C:\WINDOWS\system32\vid.dll [fFlags=0x0]
+d2b0.dd4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vid.dll
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9996c0000 'C:\WINDOWS\system32\vid.dll'
+d2b0.dd4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\NTDLL.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c32c0000 'C:\WINDOWS\system32\NTDLL.DLL'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxddu.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxdd2.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'setupapi.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ole32.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'oleaut32.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'iphlpapi.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'vcruntime140.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'vcruntime140_1.dll'.
+d2b0.dd4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
+d2b0.dd4c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.dd4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
+d2b0.dd4c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vcruntime140.dll'.
+d2b0.dd4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
+d2b0.dd4c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'setupapi.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'vcruntime140.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
+d2b0.dd4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
+d2b0.dd4c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.dd4c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
+d2b0.dd4c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
+d2b0.dd4c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
+d2b0.dd4c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
+d2b0.dd4c: supR3HardenedDllNotificationCallback: load   00007ff98e3f0000 LB 0x00073000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
+d2b0.dd4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
+d2b0.dd4c: supR3HardenedDllNotificationCallback: load   00007ff8b1490000 LB 0x00e5e000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
+d2b0.dd4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
+d2b0.dd4c: supR3HardenedDllNotificationCallback: load   00007ff9be400000 LB 0x00034000 C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
+d2b0.dd4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
+d2b0.dd4c: supR3HardenedDllNotificationCallback: load   00007ff8b22f0000 LB 0x00ae2000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
+d2b0.dd4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8b22f0000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.dd4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8d7a20000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.dd4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8b1490000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
+d2b0.dc04: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.dc04: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.dc04: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
+d2b0.dc04: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vcruntime140.dll'.
+d2b0.dc04: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
+d2b0.dc04: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
+d2b0.dc04: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.dc04: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.dc04: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
+d2b0.dc04: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
+d2b0.dc04: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.dc04: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
+d2b0.dc04: supR3HardenedDllNotificationCallback: load   00007ff99ef70000 LB 0x00015000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
+d2b0.dc04: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
+d2b0.dc04: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff99ef70000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
+d2b0.29ec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.29ec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.29ec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
+d2b0.29ec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vcruntime140.dll'.
+d2b0.29ec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vcruntime140_1.dll'.
+d2b0.29ec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcp140.dll'.
+d2b0.29ec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
+d2b0.29ec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
+d2b0.29ec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.29ec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.29ec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.29ec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.29ec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.29ec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.29ec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
+d2b0.29ec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
+d2b0.29ec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.29ec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
+d2b0.29ec: supR3HardenedDllNotificationCallback: load   00007ff9a1790000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
+d2b0.29ec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
+d2b0.29ec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9a1790000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
+d2b0.8fa4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.8fa4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.8fa4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
+d2b0.8fa4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vcruntime140.dll'.
+d2b0.8fa4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vcruntime140_1.dll'.
+d2b0.8fa4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcp140.dll'.
+d2b0.8fa4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
+d2b0.8fa4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
+d2b0.8fa4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'...
+d2b0.8fa4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008]
+d2b0.8fa4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'...
+d2b0.8fa4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008]
+d2b0.8fa4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'...
+d2b0.8fa4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008]
+d2b0.8fa4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
+d2b0.8fa4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
+d2b0.8fa4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.8fa4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
+d2b0.8fa4: supR3HardenedDllNotificationCallback: load   00007ff99ef60000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
+d2b0.8fa4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
+d2b0.8fa4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff99ef60000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'ws2_32.dll'.
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
+d2b0.dd4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mswsock.dll) WinVerifyTrust
+d2b0.dd4c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mswsock.dll
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.dd4c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mswsock.dll
+d2b0.dd4c: supR3HardenedDllNotificationCallback: load   00007ff9beec0000 LB 0x0006b000 C:\WINDOWS\system32\mswsock.dll [fFlags=0x0]
+d2b0.dd4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mswsock.dll
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9beec0000 'C:\WINDOWS\system32\mswsock.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.dd4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
+d2b0.dd4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll) WinVerifyTrust
+d2b0.dd4c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.dd4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
+d2b0.dd4c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
+d2b0.dd4c: supR3HardenedDllNotificationCallback: load   00007ff9b3790000 LB 0x00098000 C:\WINDOWS\System32\MMDevApi.dll [fFlags=0x0]
+d2b0.dd4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b3790000 'C:\WINDOWS\System32\MMDevApi.dll'
+d2b0.dd4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.dd4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9b3790000 'C:\WINDOWS\System32\MMDEVAPI.DLL'
+d2b0.bf54: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.bf54: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
+d2b0.bf54: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.bf54: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0fd0000 'C:\WINDOWS\System32\WINTRUST.DLL'
+d2b0.bf54: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\CRYPT32.dll'
+d2b0.bf54: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.bf54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
+d2b0.bf54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
+d2b0.bf54: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\AudioSes.dll) WinVerifyTrust
+d2b0.bf54: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
+d2b0.bf54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
+d2b0.bf54: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
+d2b0.bf54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
+d2b0.bf54: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
+d2b0.bf54: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.bf54: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
+d2b0.bf54: supR3HardenedDllNotificationCallback: load   00007ff9aa8d0000 LB 0x001b4000 C:\WINDOWS\System32\AUDIOSES.DLL [fFlags=0x0]
+d2b0.bf54: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
+d2b0.bf54: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9aa8d0000 'C:\WINDOWS\System32\AUDIOSES.DLL'
+d2b0.bf54: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll
+d2b0.bf54: supR3HardenedDllNotificationCallback: load   00007ff9bdc20000 LB 0x00014000 C:\WINDOWS\SYSTEM32\resourcepolicyclient.dll [fFlags=0x0]
+d2b0.bf54: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000165c pwszName=\Device\HarddiskVolume3\Windows\System32\ninput.dll
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000023dd71afd20
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000023dd71afd20
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0fd0000 'C:\WINDOWS\System32\WINTRUST.DLL'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\CRYPT32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=321312B626ED43E98BFCC4A7F8265C67DEBF5002
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9be8b0000 'C:\WINDOWS\system32\rsaenh.dll'
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c0270000 'C:\WINDOWS\System32\crypt32.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04112~31bf3856ad364e35~amd64~~10.0.26100.7705.cat'; file='\Device\HarddiskVolume3\Windows\System32\ninput.dll'
+d2b0.92a8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
+d2b0.92a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'oleaut32.dll'.
+d2b0.92a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ninput.dll) WinVerifyTrust
+d2b0.92a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ninput.dll
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
+d2b0.92a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Ninput.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
+d2b0.92a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ninput.dll
+d2b0.92a8: supR3HardenedDllNotificationCallback: load   00007ff984ca0000 LB 0x0007d000 C:\WINDOWS\system32\Ninput.dll [fFlags=0x0]
+d2b0.92a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ninput.dll
+d2b0.92a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff984ca0000 'C:\WINDOWS\system32\Ninput.dll'
diff --git a/UNIKERNEL_GUIDE.md b/UNIKERNEL_GUIDE.md
new file mode 100644
index 0000000..dacbd11
--- /dev/null
+++ b/UNIKERNEL_GUIDE.md
@@ -0,0 +1,76 @@
+# ☢️ AeThex OS: The Unikernel Path
+
+> "It's just a site... can we do what all this is pointing towards?"
+
+You are absolutely right. The ultimate form of AeThex is not a website running on Linux. **It is the Kernel itself.**
+
+To achieve a "Real AeThex Kernel" without building a Linux ISO, we use **Unikernels**.
+
+## What is this?
+Instead of: `Hardware -> Linux Kernel -> Ubuntu -> Node.js -> AeThex`  
+We do: `Hardware -> AeThex (as Kernel)`
+
+We use **Nanos (via OPS)** to compile your `dist/index.js` into a bootable disk image. This image has no shell, no SSH, no users. It just boots and runs your code.
+
+---
+
+## 🛠️ How to Build the Kernel
+
+### 1. Prerequisites
+You need a Linux environment (WSL2 works perfectly) and the `ops` tool.
+
+```bash
+# Install OPS (Orchestrator for Unikernels)
+curl https://ops.city/get.sh -sSfL | sh
+```
+
+### 2. Prepare the Build
+We need to bundle your server and client into a single distributable folder.
+
+```bash
+# Run the build script (creates /dist folder with everything)
+npm run build
+```
+
+### 3. Compile the Kernel
+Use the `ops.json` configuration I just created in your root folder.
+
+```bash
+# Build the image
+ops build dist/index.js -c ops.json -i aethex-kernel-v1
+
+# Run it locally (requires QEMU/KVM)
+ops run aethex-kernel-v1
+```
+
+---
+
+## 🖥️ The Architecture Shift
+
+When you run this, you have achieved the "Real OS" goal:
+
+1.  **The Brain (Server):** Is now a Unikernel. It boots in milliseconds. It is secure by design (no shell to hack).
+2.  **The Face (Client):** Since Unikernels don't have graphics drivers for React, you view the OS from a "Thin Client" (any other device's browser).
+
+### The "Sci-Fi" Console Setup
+If you want a dedicated laptop to *be* AeThex:
+1.  **Boot the Unikernel** on the metal (using Nanos).
+2.  **The screen will be black** (it's a headless kernel).
+3.  **The User Interface** is projected to any connected terminal.
+
+*To see pixels on the SAME machine, you would need to write a Display Driver in Node.js, which is functionally impossible today. The "Standard" Sci-Fi OS architecture is a Headless Core + Visual Terminals.*
+
+---
+
+## 📂 Configuration
+See `ops.json` in the root directory.
+
+```json
+{
+  "Target": "node",
+  "Args": ["dist/index.js"],
+  "Env": { "PORT": "80" }
+}
+```
+
+This tells the machine: "Your only purpose in life is to run this JavaScript file."
diff --git a/android/app/src/main/AndroidManifest.xml b/android/app/src/main/AndroidManifest.xml
index 92cd079..209a330 100644
--- a/android/app/src/main/AndroidManifest.xml
+++ b/android/app/src/main/AndroidManifest.xml
@@ -1,5 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
-<manifest xmlns:android="http://schemas.android.com/apk/res/android">
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+    package="com.aethex.os">
 
     <application
         android:allowBackup="true"
diff --git a/android/app/src/main/assets/public/test.html b/android/app/src/main/assets/public/test.html
new file mode 100644
index 0000000..da759f7
--- /dev/null
+++ b/android/app/src/main/assets/public/test.html
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Test Page</title>
+    <style>
+        body {
+            background-color: #00FF00; /* Bright Green */
+            color: black;
+            font-size: 40px;
+            display: flex;
+            justify-content: center;
+            align-items: center;
+            height: 100vh;
+            margin: 0;
+        }
+    </style>
+</head>
+<body>
+    <div>
+        <h1>TEST FILE LOADED</h1>
+        <p>If you see this, file access is working.</p>
+    </div>
+    <script>
+        console.log("Test file loaded successfully");
+        document.body.style.backgroundColor = "#00FF00";
+    </script>
+</body>
+</html>
\ No newline at end of file
diff --git a/android/app/src/main/java/com/aethex/os/MainActivity.java b/android/app/src/main/java/com/aethex/os/MainActivity.java
index c9c1527..63634b1 100644
--- a/android/app/src/main/java/com/aethex/os/MainActivity.java
+++ b/android/app/src/main/java/com/aethex/os/MainActivity.java
@@ -1,86 +1,70 @@
 package com.aethex.os;
 
-import android.os.Build;
 import android.os.Bundle;
-import android.util.Log;
-import android.view.View;
-import android.view.WindowManager;
-import androidx.core.view.WindowCompat;
-import androidx.core.view.WindowInsetsCompat;
-import androidx.core.view.WindowInsetsControllerCompat;
-
+import android.webkit.WebView;
+import android.webkit.WebSettings;
+import android.webkit.WebViewClient;
+import android.webkit.WebResourceRequest;
+import android.webkit.WebResourceError;
+import android.widget.Toast;
+import android.app.AlertDialog;
 import com.getcapacitor.BridgeActivity;
-import com.google.firebase.FirebaseApp;
-import com.google.firebase.FirebaseOptions;
+
+import android.util.Log;
 
 public class MainActivity extends BridgeActivity {
-	@Override
-	protected void onCreate(Bundle savedInstanceState) {
-		super.onCreate(savedInstanceState);
-
-		// Enable fullscreen immersive mode
-		enableImmersiveMode();
-
-		// Ensure Firebase is ready before any Capacitor plugin requests it; stay resilient if config is missing
-		try {
-			if (FirebaseApp.getApps(this).isEmpty()) {
-				FirebaseOptions options = null;
-				try {
-					options = FirebaseOptions.fromResource(this);
-				} catch (Exception ignored) {
-					// No google-services.json resources, we'll fall back below
-				}
-
-				if (options != null) {
-					FirebaseApp.initializeApp(getApplicationContext(), options);
-				} else {
-					// Minimal placeholder so Firebase-dependent plugins don't crash when config is absent
-					FirebaseOptions fallback = new FirebaseOptions.Builder()
-						.setApplicationId("1:000000000000:android:placeholder")
-						.setApiKey("FAKE_API_KEY")
-						.setProjectId("aethex-placeholder")
-						.build();
-					FirebaseApp.initializeApp(getApplicationContext(), fallback);
-				}
-			}
-		} catch (Exception e) {
-			Log.w("MainActivity", "Firebase init skipped: " + e.getMessage());
-		}
-	}
-
-	@Override
-	public void onWindowFocusChanged(boolean hasFocus) {
-		super.onWindowFocusChanged(hasFocus);
-		if (hasFocus) {
-			enableImmersiveMode();
-		}
-	}
-
-	private void enableImmersiveMode() {
-		View decorView = getWindow().getDecorView();
-		
-		// Full immersive mode - hide everything
-		WindowCompat.setDecorFitsSystemWindows(getWindow(), false);
-		
-		WindowInsetsControllerCompat controller = WindowCompat.getInsetsController(getWindow(), decorView);
-		if (controller != null) {
-			// Hide BOTH status bar and navigation bar completely
-			controller.hide(WindowInsetsCompat.Type.systemBars());
-			// Swipe from edge to temporarily show bars
-			controller.setSystemBarsBehavior(WindowInsetsControllerCompat.BEHAVIOR_SHOW_TRANSIENT_BARS_BY_SWIPE);
-		}
-
-		// Set bars to transparent when they do show
-		getWindow().setStatusBarColor(android.graphics.Color.TRANSPARENT);
-		getWindow().setNavigationBarColor(android.graphics.Color.TRANSPARENT);
-
-		// Keep screen on + extend into cutout areas
-		getWindow().addFlags(WindowManager.LayoutParams.FLAG_KEEP_SCREEN_ON);
-		
-		if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
-			getWindow().getAttributes().layoutInDisplayCutoutMode = 
-				WindowManager.LayoutParams.LAYOUT_IN_DISPLAY_CUTOUT_MODE_SHORT_EDGES;
-		}
-	}
+    
+    // Using onStart to hijack the process immediately after bridge init
+    @Override
+    public void onStart() {
+        super.onStart();
+        if (this.bridge != null && this.bridge.getWebView() != null) {
+            loadCustomUrl();
+        }
+    }
+    
+    private void loadCustomUrl() {
+        WebView webView = this.bridge.getWebView();
+            
+        // Set WebView background to BLACK
+        webView.setBackgroundColor(0xFF000000);
+        
+        WebSettings settings = webView.getSettings();
+        settings.setJavaScriptEnabled(true);
+        settings.setDomStorageEnabled(true);
+        settings.setAllowFileAccess(true);
+        settings.setAllowContentAccess(true);
+        settings.setAllowFileAccessFromFileURLs(true);
+        settings.setAllowUniversalAccessFromFileURLs(true);
+        
+        // Add WebViewClient to catch errors
+        webView.setWebViewClient(new WebViewClient() {
+            @Override
+            public void onReceivedError(WebView view, WebResourceRequest request, WebResourceError error) {
+                Log.e("AeThexOS", "WebView Error: " + error.getDescription());
+                runOnUiThread(() -> {
+                    new AlertDialog.Builder(MainActivity.this)
+                        .setTitle("WebView Error")
+                        .setMessage("Failed to load: " + request.getUrl() + "\n\nReason: " + error.getDescription())
+                        .setPositiveButton("OK", null)
+                        .show();
+                });
+            }
+            
+            @Override
+            public void onPageFinished(WebView view, String url) {
+                Log.i("AeThexOS", "Page Loaded: " + url);
+                runOnUiThread(() -> {
+                    Toast.makeText(MainActivity.this, "Loaded: " + url, Toast.LENGTH_SHORT).show();
+                });
+            }
+        });
+        
+        // Clear cache to ensure we aren't loading stale files
+        webView.clearCache(true);
+        webView.clearHistory();
+        
+        // Force load our local test file
+        webView.loadUrl("file:///android_asset/public/test.html");
+    }
 }
-
diff --git a/auth_fix_run.log b/auth_fix_run.log
new file mode 100644
index 0000000..0307776
--- /dev/null
+++ b/auth_fix_run.log
@@ -0,0 +1,230 @@
+
+> rest-express@1.0.0 build:kernel
+> bash script/build-unikernel.sh
+
+═══════════════════════════════════════════════════════════════
+  AeThex OS - Unikernel Builder
+  Target: Nanos Unikernel (Bootable Image)
+═══════════════════════════════════════════════════════════════
+[*] Detected Windows Environment (MinGW/Git Bash).
+[*] Switching to WSL Context...
+[plugin vite:reporter] 
+(!) C:/Users/PCOEM/AeThexOS/AeThex-OS/node_modules/@capacitor/camera/dist/esm/index.js is dynamically imported by C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts, C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts, C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts, C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts but also statically imported by C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-native-features.ts, dynamic import will not move module into another chunk.
+
+
+(!) Some chunks are larger than 500 kB after minification. Consider:
+- Using dynamic import() to code-split the application
+- Use build.rollupOptions.output.manualChunks to improve chunking: https://rollupjs.org/configuration-options/#output-manualchunks
+- Adjust chunk size limit for this warning via build.chunkSizeWarningLimit.
+
+  dist\index.js  1.5mb
+
+Done in 1123ms
+    4.62 kB │ gzip:   1.43 kB
+../dist/public/assets/holographic_digital_security_seal_for_certification-DujiIi4u.png    557.88 kB
+../dist/public/assets/dark_subtle_digital_grid_texture-CW2Q0w3T.png                       965.43 kB
+../dist/public/assets/abstract_holographic_world_map_data_visualization-DA4sQHBK.png    1,343.40 kB
+../dist/public/assets/dark_digital_circuit_board_background-CqDjO0Wd.png                1,577.40 kB
+../dist/public/assets/index-C25YaYOI.css                                                  226.22 kB │ gzip:  29.40 kB
+../dist/public/assets/web-DZ3HkAbg.js                                                       0.12 kB │ gzip:   0.13 kB
+../dist/public/assets/web-DPJCvkTF.js                                                       0.28 kB │ gzip:   0.23 kB
+../dist/public/assets/web-a24r8sCo.js                                                       0.36 kB │ gzip:   0.25 kB
+../dist/public/assets/web-BPkARqmR.js                                                       0.38 kB │ gzip:   0.25 kB
+../dist/public/assets/web-DiUCUXaM.js                                                       0.42 kB │ gzip:   0.20 kB
+../dist/public/assets/web-jfjrrehZ.js                                                       0.76 kB │ gzip:   0.35 kB
+../dist/public/assets/web-DLPSmpR2.js                                                       0.90 kB │ gzip:   0.46 kB
+../dist/public/assets/web-D9jibmwr.js                                                       0.90 kB │ gzip:   0.47 kB
+../dist/public/assets/web-B4eFBhIm.js                                                       1.06 kB │ gzip:   0.34 kB
+../dist/public/assets/web-DjK0eNnT.js                                                       1.15 kB │ gzip:   0.55 kB
+../dist/public/assets/web-C68zp4qU.js                                                       2.44 kB │ gzip:   1.09 kB
+../dist/public/assets/web-CONwI-Dv.js                                                       3.45 kB │ gzip:   1.10 kB
+../dist/public/assets/web-BO91sTaU.js                                                       8.67 kB │ gzip:   2.95 kB
+../dist/public/assets/index-CJvwTLjS.js                                                 1,766.52 kB │ gzip: 471.18 kB
+✓ built in 7.67s
+building server...
+[*] Updating OPS package list...
+[*] Building Unikernel Image...
+    Running: /home/mrpiglr/.ops/bin/ops pkg load eyberg/node:v18.12.1 ...
+warning: overwriting existing file "/dist/index.js" hostpath old: dist/index.js new: "/mnt/c/Users/PCOEM/AeThexOS/AeThex-OS//dist/index.js"
+running local instance
+booting /home/mrpiglr/.ops/images/aethex-kernel-v1 ...
+[0.247822] en1: assigned 10.0.2.15
+⚠️  Node.js 18 and below are deprecated and will no longer be supported in future versions of @supabase/supabase-js. Please upgrade to Node.js 20 or later. For more information, visit: https://github.com/orgs/supabase/discussions/37217
+[dotenv@17.2.3] injecting env (8) from .env -- tip: ⚙️  suppress all logs with { quiet: true }
+[dotenv@17.2.3] injecting env (0) from .env -- tip: ⚙️  override existing env vars with { override: true }
+Warning: connect.session() MemoryStore is not
+designed for a production environment, as it will leak
+memory, and will not scale past a single process.
+9:45:36 AM [websocket] WebSocket server initialized
+9:45:36 AM [express] serving on port 8080
+9:45:36 AM [websocket] WebSocket available at ws://localhost:8080/socket.io
+(node:2) ExperimentalWarning: The Fetch API is an experimental feature. This feature could change at any time
+(Use `node --trace-warnings ...` to show where the warning was created)
+9:45:37 AM [express] GET /api/os/notifications 304 in 236ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+[2.193894] en1: assigned FE80::E03C:17FF:FEC3:4C59
+Socket.IO client connected: BAYqyUCmswYLvLqPAAAB
+9:47:11 AM [express] GET /api/os/notifications 304 in 118ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:48:11 AM [express] GET /api/os/notifications 304 in 136ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:48:48 AM [express] GET /api/os/notifications 304 in 99ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:48:52 AM [express] POST /api/auth/login 200 in 242ms :: {"success":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","email":"mrpiglr@gmail.com","username":"MrPiglr","isAdmin":true}}
+9:48:52 AM [express] GET /api/auth/session 200 in 47ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+Socket.IO client disconnected: BAYqyUCmswYLvLqPAAAB
+9:48:52 AM [express] GET /api/me/profile 200 in 53ms :: {"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","role":"oversee","onboarded":true,"updated_at":"2026-01-24T21:52:29.269+00:00","bio":"As MrPiglr, the visionary behind AeThex (conceptualized in 2016, established in 2022), I'm pushing the metaverse game development boundaries.","skills":[],"avatar_url":"https://pbs.twimg.com/profile_images/1932523737615826944/cl52l39H_400x400.jpg","banner_url":"https://pbs.twimg.com/profile_banners/840045181470621696/1750821581/600x200","social_links":{"github":"https://github.com/MrPiglr","discord":"MrPiglr","twitter":"https://twitter.com/MrPiglr"},"loyalty_points":25,"email":"mrpiglr@gmail.com","created_at":"2025-08-02T09:44:56.964865+00:00","user_type":"community_member","experience_level":"beginner","full_name":"Anderson","location":"","website_url":"https://mrpiglr.store","github_url":"https://github.com/MrPiglr","twitter_url":"","linkedin_url":"","total_xp":37,"level":1,"featured_badge_ids":null,"aethex_passport_id":"e393ea02-6e06-42da-9917-cb4d424a87e4","signature":"","status":"busy","telemetry_api_key":null,"active_title":"Virtuoso","suspended_at":null,"suspension_reason":null,"roblox_user_id":null,"roblox_access_token":null,"roblox_refresh_token":null,"roblox_token_expires_at":null,"experience":null,"education":null,"primary_role":null,"specialization":null,"is_verified":true}
+Socket.IO client connected: SONViRPBkUi1iTt5AAAD
+9:48:53 AM [express] GET /api/directory/architects 304 in 50ms :: [{"id":"001","name":"Anderson","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"5a2cb1cd-b15e-4e45-9c77-63c77299ec8a","skills":null,"username":"andersongladney@gmail.com"},{"id":"002","name":"Faded","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"1afcc47d-4128-4f10-947e-4a0c1fedb402","skills":null,"username":"Faded"},{"id":"003","name":"Anderson","role":"oversee","bio":"As MrPiglr, the visionary behind AeThex (conceptualized in 2016, established in 2022), I'm pushing the metaverse game development boundaries.","level":1,"xp":37,"passportId":"e393ea02-6e06-42da-9917-cb4d424a87e4","skills":[],"username":"MrPiglr"}]
+9:48:54 AM [express] GET /api/metrics 304 in 95ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+9:49:37 AM [express] GET /api/os/notifications 304 in 112ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:50:24 AM [express] GET /api/metrics 304 in 266ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+9:50:36 AM [express] GET /api/os/notifications 304 in 142ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:50:45 AM [express] GET /api/os/notifications 200 in 138ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:51:37 AM [express] GET /api/os/notifications 304 in 108ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:53:11 AM [express] GET /api/os/notifications 304 in 110ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:54:10 AM [express] GET /api/os/notifications 304 in 112ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:55:11 AM [express] GET /api/os/notifications 304 in 145ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:56:10 AM [express] GET /api/os/notifications 304 in 99ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:57:11 AM [express] GET /api/os/notifications 304 in 158ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:58:10 AM [express] GET /api/os/notifications 304 in 102ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:58:37 AM [express] GET /api/os/notifications 304 in 117ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:00:11 AM [express] GET /api/os/notifications 304 in 115ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:01:10 AM [express] GET /api/os/notifications 304 in 103ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:02:11 AM [express] GET /api/os/notifications 304 in 115ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:03:10 AM [express] GET /api/os/notifications 304 in 212ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:04:11 AM [express] GET /api/os/notifications 304 in 213ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:05:10 AM [express] GET /api/os/notifications 304 in 118ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:06:08 AM [express] GET /api/os/projects 200 in 48ms :: [{"id":"b1a2b3c4-d5e6-f7a8-b9c0-d1e2f3a4b5c6","title":"Internal Dashboard Redesign","status":"In Progress","engine":"React"},{"id":"b2b3c4d5-e6f7-a8b9-c0d1-e2f3a4b5c6d7","title":"Real-time Collaboration Feature","status":"Planning","engine":"WebSockets"},{"id":"0efc381c-8824-47a7-8e15-79238a8512f9","title":"All-IN-One","status":"planning","engine":"Roblox"}]
+10:06:11 AM [express] GET /api/os/notifications 304 in 95ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:07:10 AM [express] GET /api/os/notifications 304 in 110ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:08:11 AM [express] GET /api/os/notifications 304 in 201ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:09:10 AM [express] GET /api/os/notifications 304 in 127ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:10:11 AM [express] GET /api/os/notifications 304 in 108ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:11:10 AM [express] GET /api/os/notifications 304 in 135ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:11:59 AM [express] GET /api/os/notifications 304 in 128ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:12:10 AM [express] GET /api/metrics 304 in 116ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+Socket.IO client disconnected: SONViRPBkUi1iTt5AAAD
+10:12:14 AM [express] GET /api/auth/session 304 in 122ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+10:12:15 AM [express] GET /api/os/notifications 304 in 202ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+Socket.IO client connected: 1jlsWscUMHO4pzb9AAAF
+10:12:16 AM [express] GET /api/auth/session 304 in 51ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+10:12:22 AM [express] GET /api/directory/architects 304 in 95ms :: [{"id":"001","name":"Anderson","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"5a2cb1cd-b15e-4e45-9c77-63c77299ec8a","skills":null,"username":"andersongladney@gmail.com"},{"id":"002","name":"Faded","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"1afcc47d-4128-4f10-947e-4a0c1fedb402","skills":null,"username":"Faded"},{"id":"003","name":"Anderson","role":"oversee","bio":"As MrPiglr, the visionary behind AeThex (conceptualized in 2016, established in 2022), I'm pushing the metaverse game development boundaries.","level":1,"xp":37,"passportId":"e393ea02-6e06-42da-9917-cb4d424a87e4","skills":[],"username":"MrPiglr"}]
+10:12:22 AM [express] GET /api/metrics 304 in 200ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+10:13:16 AM [express] GET /api/os/notifications 304 in 155ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:14:15 AM [express] GET /api/os/notifications 304 in 156ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:15:16 AM [express] GET /api/os/notifications 304 in 201ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+Socket.IO client disconnected: 1jlsWscUMHO4pzb9AAAF
+10:16:14 AM [express] GET /api/auth/session 304 in 100ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+10:16:14 AM [express] GET /api/os/notifications 304 in 179ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+Socket.IO client connected: 7HorosbrSbisLf-jAAAH
+10:16:16 AM [express] GET /api/auth/session 304 in 51ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+10:16:21 AM [express] GET /api/directory/architects 304 in 99ms :: [{"id":"001","name":"Anderson","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"5a2cb1cd-b15e-4e45-9c77-63c77299ec8a","skills":null,"username":"andersongladney@gmail.com"},{"id":"002","name":"Faded","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"1afcc47d-4128-4f10-947e-4a0c1fedb402","skills":null,"username":"Faded"},{"id":"003","name":"Anderson","role":"oversee","bio":"As MrPiglr, the visionary behind AeThex (conceptualized in 2016, established in 2022), I'm pushing the metaverse game development boundaries.","level":1,"xp":37,"passportId":"e393ea02-6e06-42da-9917-cb4d424a87e4","skills":[],"username":"MrPiglr"}]
+10:16:23 AM [express] GET /api/metrics 304 in 1275ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+10:16:53 AM [express] GET /api/metrics 304 in 154ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+10:17:15 AM [express] GET /api/os/notifications 304 in 244ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+Socket.IO client disconnected: 7HorosbrSbisLf-jAAAH
+10:17:51 AM [express] GET /api/auth/session 304 in 95ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+10:17:51 AM [express] GET /api/os/notifications 304 in 174ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+Socket.IO client connected: oVmGjMBMmxoOQshEAAAJ
+10:17:53 AM [express] GET /api/auth/session 304 in 56ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+10:17:59 AM [express] GET /api/directory/architects 304 in 91ms :: [{"id":"001","name":"Anderson","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"5a2cb1cd-b15e-4e45-9c77-63c77299ec8a","skills":null,"username":"andersongladney@gmail.com"},{"id":"002","name":"Faded","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"1afcc47d-4128-4f10-947e-4a0c1fedb402","skills":null,"username":"Faded"},{"id":"003","name":"Anderson","role":"oversee","bio":"As MrPiglr, the visionary behind AeThex (conceptualized in 2016, established in 2022), I'm pushing the metaverse game development boundaries.","level":1,"xp":37,"passportId":"e393ea02-6e06-42da-9917-cb4d424a87e4","skills":[],"username":"MrPiglr"}]
+10:17:59 AM [express] GET /api/metrics 304 in 148ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+10:18:52 AM [express] GET /api/os/notifications 304 in 246ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:19:53 AM [express] GET /api/os/notifications 304 in 179ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:20:52 AM [express] GET /api/os/notifications 304 in 152ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:21:53 AM [express] GET /api/os/notifications 304 in 183ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:22:52 AM [express] GET /api/os/notifications 304 in 160ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:23:53 AM [express] GET /api/os/notifications 304 in 139ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:24:33 AM [express] GET /api/metrics 304 in 176ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+10:24:34 AM [express] GET /api/directory/architects 304 in 122ms :: [{"id":"001","name":"Anderson","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"5a2cb1cd-b15e-4e45-9c77-63c77299ec8a","skills":null,"username":"andersongladney@gmail.com"},{"id":"002","name":"Faded","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"1afcc47d-4128-4f10-947e-4a0c1fedb402","skills":null,"username":"Faded"},{"id":"003","name":"Anderson","role":"oversee","bio":"As MrPiglr, the visionary behind AeThex (conceptualized in 2016, established in 2022), I'm pushing the metaverse game development boundaries.","level":1,"xp":37,"passportId":"e393ea02-6e06-42da-9917-cb4d424a87e4","skills":[],"username":"MrPiglr"}]
+10:24:52 AM [express] GET /api/os/notifications 304 in 140ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:26:11 AM [express] GET /api/os/notifications 304 in 120ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:27:10 AM [express] GET /api/os/notifications 304 in 216ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:28:11 AM [express] GET /api/os/notifications 304 in 119ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:29:10 AM [express] GET /api/os/notifications 304 in 99ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:30:11 AM [express] GET /api/os/notifications 304 in 113ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:31:10 AM [express] GET /api/os/notifications 304 in 98ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:32:11 AM [express] GET /api/os/notifications 304 in 109ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:33:10 AM [express] GET /api/os/notifications 304 in 112ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:34:11 AM [express] GET /api/os/notifications 304 in 164ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:35:10 AM [express] GET /api/os/notifications 304 in 215ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:36:11 AM [express] GET /api/os/notifications 304 in 101ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:36:51 AM [express] GET /api/os/notifications 304 in 176ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+Socket.IO client disconnected: oVmGjMBMmxoOQshEAAAJ
+10:36:55 AM [express] GET /api/auth/session 304 in 88ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+10:36:55 AM [express] GET /api/os/notifications 304 in 115ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+Socket.IO client connected: Hn3Vf4IWtV8vWti4AAAL
+10:36:57 AM [express] GET /api/auth/session 304 in 54ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+10:37:02 AM [express] GET /api/directory/architects 304 in 99ms :: [{"id":"001","name":"Anderson","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"5a2cb1cd-b15e-4e45-9c77-63c77299ec8a","skills":null,"username":"andersongladney@gmail.com"},{"id":"002","name":"Faded","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"1afcc47d-4128-4f10-947e-4a0c1fedb402","skills":null,"username":"Faded"},{"id":"003","name":"Anderson","role":"oversee","bio":"As MrPiglr, the visionary behind AeThex (conceptualized in 2016, established in 2022), I'm pushing the metaverse game development boundaries.","level":1,"xp":37,"passportId":"e393ea02-6e06-42da-9917-cb4d424a87e4","skills":[],"username":"MrPiglr"}]
+10:37:02 AM [express] GET /api/metrics 304 in 185ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+Socket.IO client disconnected: Hn3Vf4IWtV8vWti4AAAL
+10:37:10 AM [express] GET /api/auth/session 304 in 66ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+10:37:10 AM [express] GET /api/os/notifications 304 in 132ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+Socket.IO client connected: -4Oar_-DLHhd7XtkAAAN
+10:37:12 AM [express] GET /api/auth/session 304 in 55ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+10:37:17 AM [express] GET /api/directory/architects 304 in 115ms :: [{"id":"001","name":"Anderson","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"5a2cb1cd-b15e-4e45-9c77-63c77299ec8a","skills":null,"username":"andersongladney@gmail.com"},{"id":"002","name":"Faded","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"1afcc47d-4128-4f10-947e-4a0c1fedb402","skills":null,"username":"Faded"},{"id":"003","name":"Anderson","role":"oversee","bio":"As MrPiglr, the visionary behind AeThex (conceptualized in 2016, established in 2022), I'm pushing the metaverse game development boundaries.","level":1,"xp":37,"passportId":"e393ea02-6e06-42da-9917-cb4d424a87e4","skills":[],"username":"MrPiglr"}]
+10:37:17 AM [express] GET /api/metrics 304 in 153ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+10:38:11 AM [express] GET /api/os/notifications 304 in 102ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:39:10 AM [express] GET /api/os/notifications 304 in 100ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+Socket.IO client disconnected: -4Oar_-DLHhd7XtkAAAN
+10:39:23 AM [express] GET /api/auth/session 304 in 104ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+10:39:23 AM [express] GET /api/os/notifications 304 in 143ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+Socket.IO client connected: HtMH2_fgsHXcTyVJAAAP
+10:39:25 AM [express] GET /api/auth/session 304 in 56ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+10:40:24 AM [express] GET /api/os/notifications 304 in 158ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:41:23 AM [express] GET /api/os/notifications 304 in 144ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:42:06 AM [express] GET /api/directory/architects 304 in 152ms :: [{"id":"001","name":"Anderson","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"5a2cb1cd-b15e-4e45-9c77-63c77299ec8a","skills":null,"username":"andersongladney@gmail.com"},{"id":"002","name":"Faded","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"1afcc47d-4128-4f10-947e-4a0c1fedb402","skills":null,"username":"Faded"},{"id":"003","name":"Anderson","role":"oversee","bio":"As MrPiglr, the visionary behind AeThex (conceptualized in 2016, established in 2022), I'm pushing the metaverse game development boundaries.","level":1,"xp":37,"passportId":"e393ea02-6e06-42da-9917-cb4d424a87e4","skills":[],"username":"MrPiglr"}]
+10:42:06 AM [express] GET /api/metrics 304 in 195ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+Socket.IO client disconnected: HtMH2_fgsHXcTyVJAAAP
+10:42:10 AM [express] GET /api/auth/session 304 in 62ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+10:42:10 AM [express] GET /api/os/notifications 304 in 129ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+Socket.IO client connected: vYDfSF0shJxfTWymAAAR
+10:42:12 AM [express] GET /api/auth/session 304 in 50ms :: {"authenticated":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","username":"MrPiglr","email":"mrpiglr@gmail.com","isAdmin":true}}
+10:42:18 AM [express] GET /api/directory/architects 304 in 100ms :: [{"id":"001","name":"Anderson","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"5a2cb1cd-b15e-4e45-9c77-63c77299ec8a","skills":null,"username":"andersongladney@gmail.com"},{"id":"002","name":"Faded","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"1afcc47d-4128-4f10-947e-4a0c1fedb402","skills":null,"username":"Faded"},{"id":"003","name":"Anderson","role":"oversee","bio":"As MrPiglr, the visionary behind AeThex (conceptualized in 2016, established in 2022), I'm pushing the metaverse game development boundaries.","level":1,"xp":37,"passportId":"e393ea02-6e06-42da-9917-cb4d424a87e4","skills":[],"username":"MrPiglr"}]
+10:42:18 AM [express] GET /api/metrics 304 in 139ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+10:43:10 AM [express] GET /api/os/notifications 304 in 103ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:44:11 AM [express] GET /api/os/notifications 304 in 119ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:45:10 AM [express] GET /api/os/notifications 304 in 113ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:46:11 AM [express] GET /api/os/notifications 304 in 129ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:47:10 AM [express] GET /api/os/notifications 304 in 126ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:48:11 AM [express] GET /api/os/notifications 304 in 107ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:49:10 AM [express] GET /api/os/notifications 304 in 112ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:50:11 AM [express] GET /api/os/notifications 304 in 101ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:51:10 AM [express] GET /api/os/notifications 304 in 210ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:52:11 AM [express] GET /api/os/notifications 304 in 107ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:53:10 AM [express] GET /api/os/notifications 304 in 119ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:54:11 AM [express] GET /api/os/notifications 304 in 264ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:55:10 AM [express] GET /api/os/notifications 304 in 99ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:56:11 AM [express] GET /api/os/notifications 304 in 111ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:57:10 AM [express] GET /api/os/notifications 304 in 146ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:58:11 AM [express] GET /api/os/notifications 304 in 114ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+10:59:10 AM [express] GET /api/os/notifications 304 in 107ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:00:11 AM [express] GET /api/os/notifications 304 in 119ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:01:10 AM [express] GET /api/os/notifications 304 in 120ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:02:11 AM [express] GET /api/os/notifications 304 in 129ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:03:10 AM [express] GET /api/os/notifications 304 in 128ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:04:11 AM [express] GET /api/os/notifications 304 in 110ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:05:10 AM [express] GET /api/os/notifications 304 in 138ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:06:11 AM [express] GET /api/os/notifications 304 in 113ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:07:10 AM [express] GET /api/os/notifications 304 in 111ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:08:11 AM [express] GET /api/os/notifications 304 in 111ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:09:10 AM [express] GET /api/os/notifications 304 in 125ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:10:11 AM [express] GET /api/os/notifications 304 in 109ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:11:10 AM [express] GET /api/os/notifications 304 in 114ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:12:11 AM [express] GET /api/os/notifications 304 in 99ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:13:10 AM [express] GET /api/os/notifications 304 in 114ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:14:11 AM [express] GET /api/os/notifications 304 in 113ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:15:10 AM [express] GET /api/os/notifications 304 in 108ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:16:11 AM [express] GET /api/os/notifications 304 in 99ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:17:10 AM [express] GET /api/os/notifications 304 in 104ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:18:11 AM [express] GET /api/os/notifications 304 in 116ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:19:10 AM [express] GET /api/os/notifications 304 in 124ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:20:11 AM [express] GET /api/os/notifications 304 in 108ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:21:10 AM [express] GET /api/os/notifications 304 in 200ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:22:11 AM [express] GET /api/os/notifications 304 in 112ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:23:10 AM [express] GET /api/os/notifications 304 in 94ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:24:11 AM [express] GET /api/os/notifications 304 in 134ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:25:10 AM [express] GET /api/os/notifications 304 in 95ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:26:11 AM [express] GET /api/os/notifications 304 in 110ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:27:10 AM [express] GET /api/os/notifications 304 in 98ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:28:11 AM [express] GET /api/os/notifications 304 in 101ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:29:10 AM [express] GET /api/os/notifications 304 in 100ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:30:11 AM [express] GET /api/os/notifications 304 in 108ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+11:31:10 AM [express] GET /api/os/notifications 304 in 124ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
diff --git a/boot.log b/boot.log
new file mode 100644
index 0000000..8407d9b
--- /dev/null
+++ b/boot.log
@@ -0,0 +1,2 @@
+booting aethex-kernel-v1-1770277445 ...
+onprem instance 'aethex-kernel-v1-1770277445' created...
diff --git a/boot_final.log b/boot_final.log
new file mode 100644
index 0000000..f63f77b
--- /dev/null
+++ b/boot_final.log
@@ -0,0 +1,2 @@
+booting aethex-kernel-v1-1770277533 ...
+onprem instance 'aethex-kernel-v1-1770277533' created...
diff --git a/build-fixed.sh b/build-fixed.sh
index e6fc3d8..aadea9f 100644
--- a/build-fixed.sh
+++ b/build-fixed.sh
@@ -1,4 +1,5 @@
 #!/bin/bash
+set -o pipefail
 set -e
 
 # AeThex OS - Full Layered Architecture Builder
@@ -29,7 +30,7 @@ for cmd in debootstrap xorriso genisoimage mksquashfs grub-mkrescue; do
   if ! command -v "$cmd" &> /dev/null; then
     echo "[!] Missing: $cmd - installing..."
     apt-get update -qq
-    apt-get install -y -qq "$cmd" 2>&1 | tail -5
+    apt-get install -y -qq "$cmd" 
   fi
 done
 
@@ -41,7 +42,7 @@ echo ""
 
 echo "[+] Bootstrapping Ubuntu 22.04 base system (older kernel 5.15)..."
 echo "    (debootstrap takes ~10-15 minutes...)"
-debootstrap --arch=amd64 --variant=minbase jammy "$ROOTFS_DIR" http://archive.ubuntu.com/ubuntu/ 2>&1 | tail -20
+debootstrap --arch=amd64 --variant=minbase jammy "$ROOTFS_DIR" http://archive.ubuntu.com/ubuntu/ 
 
 echo "[+] Configuring base system..."
 echo "aethex-os" > "$ROOTFS_DIR/etc/hostname"
@@ -80,10 +81,11 @@ chroot "$ROOTFS_DIR" bash -c '
     firefox thunar xfce4-terminal \
     file-roller mousepad ristretto \
     zenity notify-osd \
-    vim nano
+    vim nano \
+    ubiquity ubiquity-frontend-gtk ubiquity-ubuntu-artwork gparted
   
   apt-get clean
-' 2>&1 | tail -50
+' 
 
 echo ""
 echo "┌─────────────────────────────────────────────────────────────┐"
@@ -113,7 +115,7 @@ chroot "$ROOTFS_DIR" bash -c '
   apt-get install -y dxvk
   
   apt-get clean
-' 2>&1 | tail -30
+' 
 
 echo "[+] Setting up Wine runtime environment..."
 mkdir -p "$ROOTFS_DIR/opt/aethex/runtimes/windows"
@@ -158,7 +160,7 @@ chroot "$ROOTFS_DIR" bash -c '
   systemctl enable docker
   
   apt-get clean
-' 2>&1 | tail -20
+' 
 
 echo "[+] Installing development tools..."
 chroot "$ROOTFS_DIR" bash -c '
@@ -190,7 +192,7 @@ chroot "$ROOTFS_DIR" bash -c '
   apt-get install -y code
   
   apt-get clean
-' 2>&1 | tail -30
+' 
 
 echo "[+] Setting up dev runtime launchers..."
 mkdir -p "$ROOTFS_DIR/opt/aethex/runtimes/linux-dev"
@@ -226,7 +228,7 @@ echo "[+] Setting up AeThex Desktop application..."
 # Build mobile app if possible
 if [ -f "package.json" ]; then
   echo "    Building AeThex mobile app..."
-  npm run build 2>&1 | tail -5 || echo "    Build skipped"
+  npm run build  || echo "    Build skipped"
 fi
 
 # Copy app files
@@ -247,7 +249,7 @@ if [ -d "client" ] && [ -d "server" ]; then
   fi
   
   echo "    Installing dependencies..."
-  chroot "$ROOTFS_DIR" bash -c 'cd /opt/aethex-desktop && npm install --production --legacy-peer-deps' 2>&1 | tail -10 || true
+  chroot "$ROOTFS_DIR" bash -c 'cd /opt/aethex-desktop && npm install --production --legacy-peer-deps'  || true
 else
   echo "    (client/server not found; skipping)"
 fi
@@ -312,6 +314,20 @@ X-GNOME-Autostart-enabled=true
 Comment=Launch AeThex mobile interface in fullscreen
 EOF
 
+# Create Install Shortcut
+mkdir -p "$ROOTFS_DIR/home/aethex/Desktop"
+cat > "$ROOTFS_DIR/home/aethex/Desktop/install-aethex.desktop" << 'EOF'
+[Desktop Entry]
+Name=Install AeThex OS
+Comment=Install this system permanently to your hard drive
+Exec=sudo ubiquity
+Icon=ubiquity
+Terminal=false
+Type=Application
+Categories=System;
+EOF
+chmod +x "$ROOTFS_DIR/home/aethex/Desktop/install-aethex.desktop"
+
 chroot "$ROOTFS_DIR" chown -R aethex:aethex /home/aethex /opt/aethex-desktop 2>/dev/null || true
 
 echo ""
@@ -326,7 +342,7 @@ chroot "$ROOTFS_DIR" bash -c '
   KERNEL_VERSION=$(ls /boot/vmlinuz-* | sed "s|/boot/vmlinuz-||" | head -n 1)
   echo "    Rebuilding initramfs for kernel $KERNEL_VERSION with casper..."
   update-initramfs -u -k "$KERNEL_VERSION"
-' 2>&1 | tail -10
+' 
 
 echo "[+] Extracting kernel and initrd..."
 KERNEL="$(ls -1 $ROOTFS_DIR/boot/vmlinuz-* 2>/dev/null | head -n 1)"
@@ -359,23 +375,23 @@ umount -lf "$ROOTFS_DIR/dev" 2>/dev/null || true
 
 echo "[+] Creating SquashFS filesystem..."
 echo "    (compressing ~4-5GB system, takes 15-20 minutes...)"
-mksquashfs "$ROOTFS_DIR" "$ISO_DIR/casper/filesystem.squashfs" -b 1048576 -comp xz -Xdict-size 100% 2>&1 | tail -5
+mksquashfs "$ROOTFS_DIR" "$ISO_DIR/casper/filesystem.squashfs" -b 1048576 -comp xz -Xdict-size 100% 
 
 echo "[+] Setting up BIOS boot (isolinux)..."
 cat > "$ISO_DIR/isolinux/isolinux.cfg" << 'EOF'
-PROMPT 0
-TIMEOUT 50
+PROMPT 1
+TIMEOUT 100
 DEFAULT linux
 
 LABEL linux
   MENU LABEL AeThex OS - Full Stack
   KERNEL /casper/vmlinuz
-  APPEND initrd=/casper/initrd.img boot=casper quiet splash ---
+  APPEND initrd=/casper/initrd.img boot=casper username=aethex quiet splash ---
 
 LABEL safe
-  MENU LABEL AeThex OS - Safe Mode (No ACPI)
+  MENU LABEL AeThex OS - Safe Mode (Graphics Fix)
   KERNEL /casper/vmlinuz
-  APPEND initrd=/casper/initrd.img boot=casper acpi=off noapic nomodeset ---
+  APPEND initrd=/casper/initrd.img boot=casper username=aethex nomodeset ---
 EOF
 
 cp /usr/lib/syslinux/isolinux.bin "$ISO_DIR/isolinux/" 2>/dev/null || \
@@ -389,23 +405,23 @@ set timeout=10
 set default=0
 
 menuentry "AeThex OS - Full Stack" {
-  linux /casper/vmlinuz boot=casper quiet splash ---
+  linux /casper/vmlinuz boot=casper username=aethex quiet splash ---
   initrd /casper/initrd.img
 }
 
-menuentry "AeThex OS - Safe Mode (No ACPI)" {
-  linux /casper/vmlinuz boot=casper acpi=off noapic nomodeset ---
+menuentry "AeThex OS - Safe Mode (Graphics Fix)" {
+  linux /casper/vmlinuz boot=casper username=aethex nomodeset ---
   initrd /casper/initrd.img
 }
 
 menuentry "AeThex OS - Debug Mode" {
-  linux /casper/vmlinuz boot=casper debug ignore_loglevel earlyprintk=vga ---
+  linux /casper/vmlinuz boot=casper username=aethex debug ignore_loglevel earlyprintk=vga ---
   initrd /casper/initrd.img
 }
 EOF
 
 echo "[+] Creating hybrid ISO..."
-grub-mkrescue -o "$BUILD_DIR/$ISO_NAME" "$ISO_DIR" --verbose 2>&1 | tail -20
+grub-mkrescue -o "$BUILD_DIR/$ISO_NAME" "$ISO_DIR" --verbose 
 
 echo "[+] Computing SHA256 checksum..."
 if [ -f "$BUILD_DIR/$ISO_NAME" ]; then
diff --git a/build-kernel.ps1 b/build-kernel.ps1
new file mode 100644
index 0000000..20a1c33
--- /dev/null
+++ b/build-kernel.ps1
@@ -0,0 +1,37 @@
+#!/usr/bin/env pwsh
+# AeThex OS - Unikernel Build Wrapper for Windows/WSL
+
+Write-Host "═══════════════════════════════════════════════════════════════" -ForegroundColor Cyan
+Write-Host "  AeThex OS - Unikernel Builder (Windows -> WSL)" -ForegroundColor Cyan
+Write-Host "═══════════════════════════════════════════════════════════════"
+Write-Host ""
+
+# 1. Check if OPS is installed in WSL
+$checkOps = wsl bash -c "command -v ops"
+if (-not $checkOps) {
+    Write-Host "[!] 'ops' is not installed in WSL." -ForegroundColor Red
+    Write-Host "    Installing it now..." -ForegroundColor Yellow
+    wsl bash -c "curl https://ops.city/get.sh -sSfL | sh"
+    Write-Host "[OK] OPS Installed." -ForegroundColor Green
+    Write-Host ""
+}
+
+# 2. Convert line endings of the build script just in case
+$scriptPath = "script/build-unikernel.sh"
+if (Test-Path $scriptPath) {
+    (Get-Content $scriptPath) -join "`n" | Set-Content $scriptPath -NoNewline
+}
+
+# 3. Run the build inside WSL
+# We explicitly set the working directory to the current folder mapped in WSL
+Write-Host "[*] Building Kernel..." -ForegroundColor Yellow
+wsl bash -c "cd '$PWD' && bash script/build-unikernel.sh"
+
+if ($LASTEXITCODE -eq 0) {
+    Write-Host ""
+    Write-Host "[OK] Kernel Image Created Successfully!" -ForegroundColor Green
+    Write-Host "    To run it, type: wsl ops run aethex-kernel-v1" -ForegroundColor Gray
+} else {
+    Write-Host ""
+    Write-Host "[!] Build Failed." -ForegroundColor Red
+}
diff --git a/build_and_run.log b/build_and_run.log
new file mode 100644
index 0000000..a049a17
--- /dev/null
+++ b/build_and_run.log
@@ -0,0 +1,44 @@
+
+> rest-express@1.0.0 build:kernel
+> bash script/build-unikernel.sh
+
+═══════════════════════════════════════════════════════════════
+  AeThex OS - Unikernel Builder
+  Target: Nanos Unikernel (Bootable Image)
+═══════════════════════════════════════════════════════════════
+[*] Detected Windows Environment (MinGW/Git Bash).
+[*] Switching to WSL Context...
+qemu-system-x86_64: terminating on signal 15 from pid 3662812 ()
+�═════════════════════════════════════════
+  AeThex OS - Unikernel Builder
+  Target: Nanos Unikernel (Bootable Image)
+═══════════════════════════════════════════════════════════════
+[*] Using OPS binary: /home/mrpiglr/.ops/bin/ops
+[*] Updating OPS package list...
+[*] Building Unikernel Image...
+    Running: /home/mrpiglr/.ops/bin/ops pkg load eyberg/node:v18.12.1 ...
+warning: overwriting existing file "/dist/index.js" hostpath old: dist/index.js new: "/mnt/c/Users/PCOEM/AeThexOS/AeThex-OS//dist/index.js"
+running local instance
+booting /home/mrpiglr/.ops/images/aethex-kernel-v1 ...
+[0.563567] en1: assigned 10.0.2.15
+⚠️  Node.js 18 and below are deprecated and will no longer be supported in future versions of @supabase/supabase-js. Please upgrade to Node.js 20 or later. For more information, visit: https://github.com/orgs/supabase/discussions/37217
+[dotenv@17.2.3] injecting env (8) from .env -- tip: 🔐 prevent building .env in docker: https://dotenvx.com/prebuild
+[dotenv@17.2.3] injecting env (0) from .env -- tip: ⚙️  write to custom object with { processEnv: myObject }
+Warning: connect.session() MemoryStore is not
+designed for a production environment, as it will leak
+memory, and will not scale past a single process.
+7:46:19 AM [websocket] WebSocket server initialized
+7:46:19 AM [express] serving on port 8080
+7:46:19 AM [websocket] WebSocket available at ws://localhost:8080/socket.io
+[2.414827] en1: assigned FE80::2CC3:44FF:FEF8:D3F3
+(node:2) ExperimentalWarning: The Fetch API is an experimental feature. This feature could change at any time
+(Use `node --trace-warnings ...` to show where the warning was created)
+
+[✓] Build Complete.
+    Image: ~/.ops/images/aethex-kernel-v1
+
+To boot the kernel:
+    /home/mrpiglr/.ops/bin/ops run aethex-kernel-v1
+
+To deploy to AWS/GCP:
+    /home/mrpiglr/.ops/bin/ops image create -c ops.json -i aethex-kernel-v1 -t aws
diff --git a/build_and_run_clean.log b/build_and_run_clean.log
new file mode 100644
index 0000000..57e3a4e
--- /dev/null
+++ b/build_and_run_clean.log
@@ -0,0 +1,72 @@
+
+> rest-express@1.0.0 build:kernel
+> bash script/build-unikernel.sh
+
+═══════════════════════════════════════════════════════════════
+  AeThex OS - Unikernel Builder
+  Target: Nanos Unikernel (Bootable Image)
+═══════════════════════════════════════════════════════════════
+[*] Detected Windows Environment (MinGW/Git Bash).
+[*] Switching to WSL Context...
+[plugin vite:reporter] 
+(!) C:/Users/PCOEM/AeThexOS/AeThex-OS/node_modules/@capacitor/camera/dist/esm/index.js is dynamically imported by C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts, C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts, C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts, C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts but also statically imported by C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-native-features.ts, dynamic import will not move module into another chunk.
+
+
+(!) Some chunks are larger than 500 kB after minification. Consider:
+- Using dynamic import() to code-split the application
+- Use build.rollupOptions.output.manualChunks to improve chunking: https://rollupjs.org/configuration-options/#output-manualchunks
+- Adjust chunk size limit for this warning via build.chunkSizeWarningLimit.
+
+  dist\index.js  1.5mb
+
+Done in 6064ms
+qemu-system-x86_64: terminating on signal 15 from pid 3672638 (<unknown process>)
+assets/holographic_digital_security_seal_for_certification-DujiIi4u.png    557.88 kB
+../dist/public/assets/dark_subtle_digital_grid_texture-CW2Q0w3T.png                       965.43 kB
+../dist/public/assets/abstract_holographic_world_map_data_visualization-DA4sQHBK.png    1,343.40 kB
+../dist/public/assets/dark_digital_circuit_board_background-CqDjO0Wd.png                1,577.40 kB
+../dist/public/assets/index-C25YaYOI.css                                                  226.22 kB │ gzip:  29.40 kB
+../dist/public/assets/web-DZ3HkAbg.js                                                       0.12 kB │ gzip:   0.13 kB
+../dist/public/assets/web-DPJCvkTF.js                                                       0.28 kB │ gzip:   0.23 kB
+../dist/public/assets/web-a24r8sCo.js                                                       0.36 kB │ gzip:   0.25 kB
+../dist/public/assets/web-BPkARqmR.js                                                       0.38 kB │ gzip:   0.25 kB
+../dist/public/assets/web-DiUCUXaM.js                                                       0.42 kB │ gzip:   0.20 kB
+../dist/public/assets/web-jfjrrehZ.js                                                       0.76 kB │ gzip:   0.35 kB
+../dist/public/assets/web-DLPSmpR2.js                                                       0.90 kB │ gzip:   0.46 kB
+../dist/public/assets/web-D9jibmwr.js                                                       0.90 kB │ gzip:   0.47 kB
+../dist/public/assets/web-B4eFBhIm.js                                                       1.06 kB │ gzip:   0.34 kB
+../dist/public/assets/web-DjK0eNnT.js                                                       1.15 kB │ gzip:   0.55 kB
+../dist/public/assets/web-C68zp4qU.js                                                       2.44 kB │ gzip:   1.09 kB
+../dist/public/assets/web-CONwI-Dv.js                                                       3.45 kB │ gzip:   1.10 kB
+../dist/public/assets/web-BO91sTaU.js                                                       8.67 kB │ gzip:   2.95 kB
+../dist/public/assets/index-CJvwTLjS.js                                                 1,766.52 kB │ gzip: 471.18 kB
+✓ built in 23.30s
+building server...
+[*] Updating OPS package list...
+[*] Building Unikernel Image...
+    Running: /home/mrpiglr/.ops/bin/ops pkg load eyberg/node:v18.12.1 ...
+warning: overwriting existing file "/dist/index.js" hostpath old: dist/index.js new: "/mnt/c/Users/PCOEM/AeThexOS/AeThex-OS//dist/index.js"
+running local instance
+booting /home/mrpiglr/.ops/images/aethex-kernel-v1 ...
+[0.670397] en1: assigned 10.0.2.15
+⚠️  Node.js 18 and below are deprecated and will no longer be supported in future versions of @supabase/supabase-js. Please upgrade to Node.js 20 or later. For more information, visit: https://github.com/orgs/supabase/discussions/37217
+[dotenv@17.2.3] injecting env (8) from .env -- tip: ⚙️  load multiple .env files with { path: ['.env.local', '.env'] }
+[dotenv@17.2.3] injecting env (0) from .env -- tip: 🛠️  run anywhere with `dotenvx run -- yourcommand`
+Warning: connect.session() MemoryStore is not
+designed for a production environment, as it will leak
+memory, and will not scale past a single process.
+7:47:46 AM [websocket] WebSocket server initialized
+7:47:46 AM [express] serving on port 8080
+7:47:46 AM [websocket] WebSocket available at ws://localhost:8080/socket.io
+[2.509299] en1: assigned FE80::D0DD:70FF:FE6F:CD82
+(node:2) ExperimentalWarning: The Fetch API is an experimental feature. This feature could change at any time
+(Use `node --trace-warnings ...` to show where the warning was created)
+
+[✓] Build Complete.
+    Image: ~/.ops/images/aethex-kernel-v1
+
+To boot the kernel:
+    /home/mrpiglr/.ops/bin/ops run aethex-kernel-v1
+
+To deploy to AWS/GCP:
+    /home/mrpiglr/.ops/bin/ops image create -c ops.json -i aethex-kernel-v1 -t aws
diff --git a/cache_fix_run.log b/cache_fix_run.log
new file mode 100644
index 0000000..40f91b1
--- /dev/null
+++ b/cache_fix_run.log
@@ -0,0 +1,108 @@
+
+> rest-express@1.0.0 build:kernel
+> bash script/build-unikernel.sh
+
+═══════════════════════════════════════════════════════════════
+  AeThex OS - Unikernel Builder
+  Target: Nanos Unikernel (Bootable Image)
+═══════════════════════════════════════════════════════════════
+[*] Detected Windows Environment (MinGW/Git Bash).
+[*] Switching to WSL Context...
+[plugin vite:reporter] 
+(!) C:/Users/PCOEM/AeThexOS/AeThex-OS/node_modules/@capacitor/camera/dist/esm/index.js is dynamically imported by C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts, C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts, C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts, C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts but also statically imported by C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-native-features.ts, dynamic import will not move module into another chunk.
+
+
+(!) Some chunks are larger than 500 kB after minification. Consider:
+- Using dynamic import() to code-split the application
+- Use build.rollupOptions.output.manualChunks to improve chunking: https://rollupjs.org/configuration-options/#output-manualchunks
+- Adjust chunk size limit for this warning via build.chunkSizeWarningLimit.
+
+  dist\index.js  1.5mb
+
+Done in 2791ms
+qemu-system-x86_64: terminating on signal 15 from pid 838 (pkill)
+m../dist/public/assets/holographic_digital_security_seal_for_certification-DujiIi4u.png    557.88 kB
+../dist/public/assets/dark_subtle_digital_grid_texture-CW2Q0w3T.png                       965.43 kB
+../dist/public/assets/abstract_holographic_world_map_data_visualization-DA4sQHBK.png    1,343.40 kB
+../dist/public/assets/dark_digital_circuit_board_background-CqDjO0Wd.png                1,577.40 kB
+../dist/public/assets/index-C25YaYOI.css                                                  226.22 kB │ gzip:  29.40 kB
+../dist/public/assets/web-DZ3HkAbg.js                                                       0.12 kB │ gzip:   0.13 kB
+../dist/public/assets/web-DPJCvkTF.js                                                       0.28 kB │ gzip:   0.23 kB
+../dist/public/assets/web-a24r8sCo.js                                                       0.36 kB │ gzip:   0.25 kB
+../dist/public/assets/web-BPkARqmR.js                                                       0.38 kB │ gzip:   0.25 kB
+../dist/public/assets/web-DiUCUXaM.js                                                       0.42 kB │ gzip:   0.20 kB
+../dist/public/assets/web-jfjrrehZ.js                                                       0.76 kB │ gzip:   0.35 kB
+../dist/public/assets/web-DLPSmpR2.js                                                       0.90 kB │ gzip:   0.46 kB
+../dist/public/assets/web-D9jibmwr.js                                                       0.90 kB │ gzip:   0.47 kB
+../dist/public/assets/web-B4eFBhIm.js                                                       1.06 kB │ gzip:   0.34 kB
+../dist/public/assets/web-DjK0eNnT.js                                                       1.15 kB │ gzip:   0.55 kB
+../dist/public/assets/web-C68zp4qU.js                                                       2.44 kB │ gzip:   1.09 kB
+../dist/public/assets/web-CONwI-Dv.js                                                       3.45 kB │ gzip:   1.10 kB
+../dist/public/assets/web-BO91sTaU.js                                                       8.67 kB │ gzip:   2.95 kB
+../dist/public/assets/index-CJvwTLjS.js                                                 1,766.52 kB │ gzip: 471.18 kB
+✓ built in 11.40s
+building server...
+[*] Updating OPS package list...
+[*] Building Unikernel Image...
+    Running: /home/mrpiglr/.ops/bin/ops pkg load eyberg/node:v18.12.1 ...
+warning: overwriting existing file "/dist/index.js" hostpath old: dist/index.js new: "/mnt/c/Users/PCOEM/AeThexOS/AeThex-OS//dist/index.js"
+running local instance
+booting /home/mrpiglr/.ops/images/aethex-kernel-v1 ...
+[0.354227] en1: assigned 10.0.2.15
+⚠️  Node.js 18 and below are deprecated and will no longer be supported in future versions of @supabase/supabase-js. Please upgrade to Node.js 20 or later. For more information, visit: https://github.com/orgs/supabase/discussions/37217
+[dotenv@17.2.3] injecting env (8) from .env -- tip: ⚙️  write to custom object with { processEnv: myObject }
+[dotenv@17.2.3] injecting env (0) from .env -- tip: ⚙️  suppress all logs with { quiet: true }
+Warning: connect.session() MemoryStore is not
+designed for a production environment, as it will leak
+memory, and will not scale past a single process.
+9:33:49 AM [websocket] WebSocket server initialized
+[DEBUG] Static File Setup - CWD: /, __dirname: /dist
+[DEBUG] Final Static Path: /dist/public
+[DEBUG] Found 19 assets in /dist/public/assets
+9:33:49 AM [express] serving on port 8080
+9:33:49 AM [websocket] WebSocket available at ws://localhost:8080/socket.io
+[2.259727] en1: assigned FE80::98B4:A5FF:FE25:1725
+(node:2) ExperimentalWarning: The Fetch API is an experimental feature. This feature could change at any time
+(Use `node --trace-warnings ...` to show where the warning was created)
+9:34:36 AM [express] GET /api/auth/session 200 in 5ms :: {"authenticated":false}
+9:34:36 AM [express] GET /api/os/notifications 200 in 206ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+Socket.IO client connected: YwylAs27kYZP1hH6AAAB
+9:34:38 AM [express] GET /api/auth/session 304 in 4ms :: {"authenticated":false}
+[DEBUG] SPA Fallback for: /mobile
+[DEBUG] SPA Fallback for: /home
+9:35:07 AM [express] GET /api/directory/architects 200 in 109ms :: [{"id":"001","name":"Anderson","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"5a2cb1cd-b15e-4e45-9c77-63c77299ec8a","skills":null,"username":"andersongladney@gmail.com"},{"id":"002","name":"Faded","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"1afcc47d-4128-4f10-947e-4a0c1fedb402","skills":null,"username":"Faded"},{"id":"003","name":"Anderson","role":"oversee","bio":"As MrPiglr, the visionary behind AeThex (conceptualized in 2016, established in 2022), I'm pushing the metaverse game development boundaries.","level":1,"xp":37,"passportId":"e393ea02-6e06-42da-9917-cb4d424a87e4","skills":[],"username":"MrPiglr"}]
+9:35:07 AM [express] GET /api/metrics 200 in 172ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+9:35:37 AM [express] GET /api/os/notifications 304 in 155ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:35:37 AM [express] POST /api/auth/login 200 in 271ms :: {"success":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","email":"mrpiglr@gmail.com","username":"MrPiglr","isAdmin":true}}
+9:35:37 AM [express] GET /api/auth/session 304 in 1ms :: {"authenticated":false}
+9:35:38 AM [express] GET /api/metrics 304 in 101ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+9:35:42 AM [express] POST /api/auth/login 200 in 215ms :: {"success":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","email":"mrpiglr@gmail.com","username":"MrPiglr","isAdmin":true}}
+9:35:42 AM [express] GET /api/auth/session 304 in 1ms :: {"authenticated":false}
+9:36:08 AM [express] GET /api/directory/architects 304 in 104ms :: [{"id":"001","name":"Anderson","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"5a2cb1cd-b15e-4e45-9c77-63c77299ec8a","skills":null,"username":"andersongladney@gmail.com"},{"id":"002","name":"Faded","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"1afcc47d-4128-4f10-947e-4a0c1fedb402","skills":null,"username":"Faded"},{"id":"003","name":"Anderson","role":"oversee","bio":"As MrPiglr, the visionary behind AeThex (conceptualized in 2016, established in 2022), I'm pushing the metaverse game development boundaries.","level":1,"xp":37,"passportId":"e393ea02-6e06-42da-9917-cb4d424a87e4","skills":[],"username":"MrPiglr"}]
+9:36:08 AM [express] GET /api/metrics 304 in 161ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+9:36:37 AM [express] GET /api/os/notifications 304 in 155ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:36:38 AM [express] GET /api/metrics 304 in 131ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+9:37:37 AM [express] GET /api/os/notifications 304 in 198ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:38:37 AM [express] GET /api/os/notifications 304 in 144ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:39:36 AM [express] GET /api/os/notifications 304 in 150ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:40:37 AM [express] GET /api/os/notifications 304 in 261ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:42:11 AM [express] GET /api/os/notifications 304 in 156ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:43:10 AM [express] GET /api/os/notifications 304 in 112ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:43:38 AM [express] GET /api/os/notifications 304 in 153ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+9:43:53 AM [express] GET /api/metrics 304 in 114ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+9:43:53 AM [express] GET /api/directory/architects 304 in 74ms :: [{"id":"001","name":"Anderson","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"5a2cb1cd-b15e-4e45-9c77-63c77299ec8a","skills":null,"username":"andersongladney@gmail.com"},{"id":"002","name":"Faded","role":"admin","bio":"Welcome to my AeThex profile!","level":1,"xp":0,"passportId":"1afcc47d-4128-4f10-947e-4a0c1fedb402","skills":null,"username":"Faded"},{"id":"003","name":"Anderson","role":"oversee","bio":"As MrPiglr, the visionary behind AeThex (conceptualized in 2016, established in 2022), I'm pushing the metaverse game development boundaries.","level":1,"xp":37,"passportId":"e393ea02-6e06-42da-9917-cb4d424a87e4","skills":[],"username":"MrPiglr"}]
+9:43:55 AM [express] POST /api/auth/login 200 in 263ms :: {"success":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","email":"mrpiglr@gmail.com","username":"MrPiglr","isAdmin":true}}
+9:43:55 AM [express] GET /api/auth/session 304 in 0ms :: {"authenticated":false}
+9:44:23 AM [express] GET /api/metrics 304 in 167ms :: {"totalProfiles":21,"totalProjects":3,"onlineUsers":1,"verifiedUsers":1,"totalXP":37,"avgLevel":1}
+9:44:25 AM [express] POST /api/auth/login 200 in 237ms :: {"success":true,"user":{"id":"f2719189-f99f-48b6-aafd-b429b0e2a804","email":"mrpiglr@gmail.com","username":"MrPiglr","isAdmin":true}}
+9:44:25 AM [express] GET /api/auth/session 304 in 0ms :: {"authenticated":false}
+9:44:37 AM [express] GET /api/os/notifications 304 in 162ms :: [{"id":1,"message":"21 architects in network","type":"info"},{"id":2,"message":"3 active projects","type":"info"},{"id":3,"message":"Aegis security active","type":"success"}]
+
+[✓] Build Complete.
+    Image: ~/.ops/images/aethex-kernel-v1
+
+To boot the kernel:
+    /home/mrpiglr/.ops/bin/ops run aethex-kernel-v1
+
+To deploy to AWS/GCP:
+    /home/mrpiglr/.ops/bin/ops image create -c ops.json -i aethex-kernel-v1 -t aws
diff --git a/capacitor.config.ts b/capacitor.config.ts
index 7bc36cc..ce00311 100644
--- a/capacitor.config.ts
+++ b/capacitor.config.ts
@@ -10,26 +10,15 @@ const config: CapacitorConfig = {
   appName: 'AeThex OS',
   webDir: 'dist/public',
   server: {
-    androidScheme: 'https',
-    iosScheme: 'https',
-    // Live reload: point to dev server instead of bundled assets
-    ...(isLiveReload && {
-      url: serverUrl,
-      cleartext: true, // Allow HTTP for local development
-    }),
+    // androidScheme: 'http', // Disable explicit http scheme, let it fall back to file or default
+    url: undefined, // Ensure no server URL is set
+    cleartext: true,
   },
   plugins: {
     SplashScreen: {
-      launchShowDuration: 2000,
+      launchShowDuration: 0,
       launchAutoHide: true,
-      launchFadeOutDuration: 500,
-      backgroundColor: '#0a0a0a',
-      androidSplashResourceName: 'splash',
-      androidScaleType: 'CENTER_CROP',
-      showSpinner: true,
-      androidSpinnerStyle: 'small',
-      iosSpinnerStyle: 'small',
-      spinnerColor: '#DC2626',
+      backgroundColor: '#000000',
       splashFullScreen: true,
       splashImmersive: true
     },
@@ -65,15 +54,15 @@ const config: CapacitorConfig = {
     captureInput: true,
     webContentsDebuggingEnabled: true,
     // Allow cleartext (HTTP) for live reload
-    ...(isLiveReload && {
+    ...(isLiveReload ? {
       allowMixedContent: true,
-    }),
+    } : {}),
   },
   ios: {
     // iOS-specific live reload settings
-    ...(isLiveReload && {
+    ...(isLiveReload ? {
       limitsNavigationsToAppBoundDomains: false,
-    }),
+    } : {}),
   },
 };
 
diff --git a/client/public/sw.js b/client/public/sw.js
index 751011e..4cfe419 100644
--- a/client/public/sw.js
+++ b/client/public/sw.js
@@ -1,6 +1,7 @@
 // Service Worker for PWA functionality
-const CACHE_NAME = 'aethex-v1';
+const CACHE_NAME = 'aethex-v3';
 const urlsToCache = [
+
   '/',
   '/mobile',
   '/home',
diff --git a/client/public/test.html b/client/public/test.html
new file mode 100644
index 0000000..da759f7
--- /dev/null
+++ b/client/public/test.html
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Test Page</title>
+    <style>
+        body {
+            background-color: #00FF00; /* Bright Green */
+            color: black;
+            font-size: 40px;
+            display: flex;
+            justify-content: center;
+            align-items: center;
+            height: 100vh;
+            margin: 0;
+        }
+    </style>
+</head>
+<body>
+    <div>
+        <h1>TEST FILE LOADED</h1>
+        <p>If you see this, file access is working.</p>
+    </div>
+    <script>
+        console.log("Test file loaded successfully");
+        document.body.style.backgroundColor = "#00FF00";
+    </script>
+</body>
+</html>
\ No newline at end of file
diff --git a/client/src/pages/terminal.tsx b/client/src/pages/terminal.tsx
index aee1394..2cd8163 100644
--- a/client/src/pages/terminal.tsx
+++ b/client/src/pages/terminal.tsx
@@ -153,8 +153,17 @@ export default function Terminal() {
         ]);
         break;
 
+      case 'build':
+      case 'migrate-status':
+      case 'migrate':
+      case 'seed':
+      case 'test':
+        executeCliCommand(command);
+        break;
+
       default:
         setLines((prev) => [
+
           ...prev,
           {
             type: 'error',
@@ -186,25 +195,25 @@ export default function Terminal() {
     setCliStatus("idle");
   };
 
-  const startCli = async () => {
+  const executeCliCommand = async (cmd: string) => {
     if (cliStatus === "running") return;
     setCliStatus("running");
-    appendCliLine('system', `▸ Running ${cliCommand}...`);
-    toast({ title: "CLI", description: `Started ${cliCommand}`, variant: "default" });
+    appendCliLine('system', `▸ Running ${cmd}...`);
+    toast({ title: "CLI", description: `Started ${cmd}`, variant: "default" });
 
     try {
       const res = await fetch('/api/admin/cli/start', {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         credentials: 'include',
-        body: JSON.stringify({ command: cliCommand })
+        body: JSON.stringify({ command: cmd })
       });
 
       if (!res.ok) {
         const text = await res.text();
         appendCliLine('error', `Start failed: ${text || res.status}`);
         setCliStatus("error");
-        toast({ title: "CLI Error", description: `Failed to start ${cliCommand}`, variant: "destructive" });
+        toast({ title: "CLI Error", description: `Failed to start ${cmd}`, variant: "destructive" });
         return;
       }
 
@@ -222,15 +231,15 @@ export default function Terminal() {
       es.addEventListener('error', (evt) => {
         appendCliLine('error', 'Stream error');
         setCliStatus("error");
-        toast({ title: "CLI Error", description: `Stream error for ${cliCommand}`, variant: "destructive" });
+        toast({ title: "CLI Error", description: `Stream error for ${cmd}`, variant: "destructive" });
         es.close();
       });
 
       es.addEventListener('done', (evt) => {
         const status = evt.data === 'success' ? 'done' : 'error';
         setCliStatus(status as any);
-        appendCliLine(status === 'done' ? 'system' : 'error', `▸ ${cliLabel || cliCommand} ${status}`);
-        toast({ title: status === 'done' ? "CLI Success" : "CLI Failed", description: `${cliLabel || cliCommand} ${status}` });
+        appendCliLine(status === 'done' ? 'system' : 'error', `▸ ${data.label || cmd} ${status}`);
+        toast({ title: status === 'done' ? "CLI Success" : "CLI Failed", description: `${data.label || cmd} ${status}` });
         es.close();
         currentRunId.current = null;
       });
@@ -238,10 +247,13 @@ export default function Terminal() {
     } catch (err) {
       appendCliLine('error', 'Failed to start CLI command');
       setCliStatus("error");
-      toast({ title: "CLI Error", description: `Failed to start ${cliCommand}`, variant: "destructive" });
+      toast({ title: "CLI Error", description: `Failed to start ${cmd}`, variant: "destructive" });
     }
   };
 
+  const startCli = () => executeCliCommand(cliCommand);
+
+
   const handleKeyDown = (e: React.KeyboardEvent<HTMLInputElement>) => {
     if (e.key === 'Enter') {
       processCommand(input);
diff --git a/debug_run.log b/debug_run.log
new file mode 100644
index 0000000..81ce410
--- /dev/null
+++ b/debug_run.log
@@ -0,0 +1,73 @@
+
+> rest-express@1.0.0 build:kernel
+> bash script/build-unikernel.sh
+
+═══════════════════════════════════════════════════════════════
+  AeThex OS - Unikernel Builder
+  Target: Nanos Unikernel (Bootable Image)
+═══════════════════════════════════════════════════════════════
+[*] Detected Windows Environment (MinGW/Git Bash).
+[*] Switching to WSL Context...
+[plugin vite:reporter] 
+(!) C:/Users/PCOEM/AeThexOS/AeThex-OS/node_modules/@capacitor/camera/dist/esm/index.js is dynamically imported by C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts, C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts, C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts, C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-device-camera.ts but also statically imported by C:/Users/PCOEM/AeThexOS/AeThex-OS/client/src/hooks/use-native-features.ts, dynamic import will not move module into another chunk.
+
+
+(!) Some chunks are larger than 500 kB after minification. Consider:
+- Using dynamic import() to code-split the application
+- Use build.rollupOptions.output.manualChunks to improve chunking: https://rollupjs.org/configuration-options/#output-manualchunks
+- Adjust chunk size limit for this warning via build.chunkSizeWarningLimit.
+
+  dist\index.js  1.5mb
+
+Done in 463ms
+m    4.62 kB │ gzip:   1.43 kB
+../dist/public/assets/holographic_digital_security_seal_for_certification-DujiIi4u.png    557.88 kB
+../dist/public/assets/dark_subtle_digital_grid_texture-CW2Q0w3T.png                       965.43 kB
+../dist/public/assets/abstract_holographic_world_map_data_visualization-DA4sQHBK.png    1,343.40 kB
+../dist/public/assets/dark_digital_circuit_board_background-CqDjO0Wd.png                1,577.40 kB
+../dist/public/assets/index-C25YaYOI.css                                                  226.22 kB │ gzip:  29.40 kB
+../dist/public/assets/web-DZ3HkAbg.js                                                       0.12 kB │ gzip:   0.13 kB
+../dist/public/assets/web-DPJCvkTF.js                                                       0.28 kB │ gzip:   0.23 kB
+../dist/public/assets/web-a24r8sCo.js                                                       0.36 kB │ gzip:   0.25 kB
+../dist/public/assets/web-BPkARqmR.js                                                       0.38 kB │ gzip:   0.25 kB
+../dist/public/assets/web-DiUCUXaM.js                                                       0.42 kB │ gzip:   0.20 kB
+../dist/public/assets/web-jfjrrehZ.js                                                       0.76 kB │ gzip:   0.35 kB
+../dist/public/assets/web-DLPSmpR2.js                                                       0.90 kB │ gzip:   0.46 kB
+../dist/public/assets/web-D9jibmwr.js                                                       0.90 kB │ gzip:   0.47 kB
+../dist/public/assets/web-B4eFBhIm.js                                                       1.06 kB │ gzip:   0.34 kB
+../dist/public/assets/web-DjK0eNnT.js                                                       1.15 kB │ gzip:   0.55 kB
+../dist/public/assets/web-C68zp4qU.js                                                       2.44 kB │ gzip:   1.09 kB
+../dist/public/assets/web-CONwI-Dv.js                                                       3.45 kB │ gzip:   1.10 kB
+../dist/public/assets/web-BO91sTaU.js                                                       8.67 kB │ gzip:   2.95 kB
+../dist/public/assets/index-CJvwTLjS.js                                                 1,766.52 kB │ gzip: 471.18 kB
+✓ built in 20.35s
+building server...
+[*] Updating OPS package list...
+[*] Building Unikernel Image...
+    Running: /home/mrpiglr/.ops/bin/ops pkg load eyberg/node:v18.12.1 ...
+warning: overwriting existing file "/dist/index.js" hostpath old: dist/index.js new: "/mnt/c/Users/PCOEM/AeThexOS/AeThex-OS//dist/index.js"
+running local instance
+booting /home/mrpiglr/.ops/images/aethex-kernel-v1 ...
+[0.535697] en1: assigned 10.0.2.15
+⚠️  Node.js 18 and below are deprecated and will no longer be supported in future versions of @supabase/supabase-js. Please upgrade to Node.js 20 or later. For more information, visit: https://github.com/orgs/supabase/discussions/37217
+[dotenv@17.2.3] injecting env (8) from .env -- tip: 🗂️ backup and recover secrets: https://dotenvx.com/ops
+[dotenv@17.2.3] injecting env (0) from .env -- tip: ⚙️  write to custom object with { processEnv: myObject }
+Warning: connect.session() MemoryStore is not
+designed for a production environment, as it will leak
+memory, and will not scale past a single process.
+8:23:30 AM [websocket] WebSocket server initialized
+[DEBUG] Static File Setup - CWD: /, __dirname: /dist
+[DEBUG] Final Static Path: /dist/public
+[DEBUG] Found 19 assets in /dist/public/assets
+8:23:30 AM [express] serving on port 8080
+8:23:30 AM [websocket] WebSocket available at ws://localhost:8080/socket.io
+[2.411799] en1: assigned FE80::88A5:54FF:FE60:88D0
+(node:2) ExperimentalWarning: The Fetch API is an experimental feature. This feature could change at any time
+(Use `node --trace-warnings ...` to show where the warning was created)
+[DEBUG] 404 for static asset: /assets/index-CLzw3Hhb.js
+[DEBUG] 404 for static asset: /assets/index-CLzw3Hhb.js
+[DEBUG] 404 for static asset: /assets/index-CLzw3Hhb.js
+[DEBUG] 404 for static asset: /assets/index-CLzw3Hhb.js
+[DEBUG] SPA Fallback for: /mobile
+[DEBUG] SPA Fallback for: /home
+[DEBUG] 404 for static asset: /assets/index-CLzw3Hhb.js
diff --git a/instance.log b/instance.log
new file mode 100644
index 0000000..51deab6
--- /dev/null
+++ b/instance.log
@@ -0,0 +1,2 @@
+booting aethex-kernel-v1-1770277813 ...
+onprem instance 'aethex-kernel-v1-1770277813' created...
diff --git a/ops.json b/ops.json
new file mode 100644
index 0000000..eea5856
--- /dev/null
+++ b/ops.json
@@ -0,0 +1,22 @@
+{
+  "Args": ["/dist/index.js"],
+  "Dirs": [
+    "dist"
+  ],
+  "Files": [
+    ".env"
+  ],
+  "Env": {
+    "NODE_ENV": "production",
+    "PORT": "8080"
+  },
+  "RunConfig": {
+    "Memory": "2G",
+    "CPUs": 2,
+    "Ports": ["8080"]
+  },
+  "CloudConfig": {
+    "ProjectID": "aethex-os",
+    "BucketName": "aethex-releases"
+  }
+}
diff --git a/os/shell/systemd/aethex-runtime-selector.service b/os/shell/systemd/aethex-runtime-selector.service
index 43605c8..cdea927 100644
--- a/os/shell/systemd/aethex-runtime-selector.service
+++ b/os/shell/systemd/aethex-runtime-selector.service
@@ -1,6 +1,6 @@
 [Unit]
 Description=AeThex Runtime Selector
-After=graphical.target
+After=network.target
 Wants=aethex-desktop.service
 
 [Service]
diff --git a/package-lock.json b/package-lock.json
index a35de68..f70bf63 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -129,6 +129,7 @@
         "@vitest/ui": "^4.0.16",
         "autoprefixer": "^10.4.21",
         "concurrently": "^9.2.1",
+        "cross-env": "^10.1.0",
         "drizzle-kit": "^0.31.4",
         "esbuild": "^0.25.0",
         "playwright-chromium": "^1.57.0",
@@ -746,6 +747,13 @@
       "dev": true,
       "license": "Apache-2.0"
     },
+    "node_modules/@epic-web/invariant": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/@epic-web/invariant/-/invariant-1.0.0.tgz",
+      "integrity": "sha512-lrTPqgvfFQtR/eY/qkIzp98OGdNJu0m5ji3q/nJI8v3SXkRKEnWiOxMmbvcSoAIzv/cGiuvRy57k4suKQSAdwA==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/@esbuild-kit/core-utils": {
       "version": "3.3.2",
       "resolved": "https://registry.npmjs.org/@esbuild-kit/core-utils/-/core-utils-3.3.2.tgz",
@@ -5766,6 +5774,24 @@
       "integrity": "sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==",
       "license": "MIT"
     },
+    "node_modules/cross-env": {
+      "version": "10.1.0",
+      "resolved": "https://registry.npmjs.org/cross-env/-/cross-env-10.1.0.tgz",
+      "integrity": "sha512-GsYosgnACZTADcmEyJctkJIoqAhHjttw7RsFrVoJNXbsWWqaq6Ym+7kZjq6mS45O0jij6vtiReppKQEtqWy6Dw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@epic-web/invariant": "^1.0.0",
+        "cross-spawn": "^7.0.6"
+      },
+      "bin": {
+        "cross-env": "dist/bin/cross-env.js",
+        "cross-env-shell": "dist/bin/cross-env-shell.js"
+      },
+      "engines": {
+        "node": ">=20"
+      }
+    },
     "node_modules/cross-spawn": {
       "version": "7.0.6",
       "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
diff --git a/package.json b/package.json
index 69dabfc..ee0fd41 100644
--- a/package.json
+++ b/package.json
@@ -5,11 +5,12 @@
   "license": "MIT",
   "scripts": {
     "dev:client": "vite dev --port 5000",
-    "dev": "NODE_ENV=development tsx server/index.ts",
+    "dev": "cross-env NODE_ENV=development tsx server/index.ts",
     "dev:tauri": "cd shell/aethex-shell && npm run tauri dev",
     "build": "tsx script/build.ts",
     "build:tauri": "cd shell/aethex-shell && npm run tauri build",
     "build:mobile": "npm run build && npx cap sync",
+    "build:kernel": "bash script/build-unikernel.sh",
     "android": "npx cap open android",
     "ios": "npx cap open ios",
     "cap:live-reload": "tsx script/capacitor-live-reload.ts",
@@ -17,7 +18,7 @@
     "cap:live-reload:ios": "tsx script/capacitor-live-reload.ts --ios",
     "cap:production": "tsx script/capacitor-production.ts",
     "dev:mobile": "npm run cap:live-reload && concurrently \"npm run dev\" \"echo 'Dev server started. Open Android Studio or Xcode to run the app.'\"",
-    "start": "NODE_ENV=production node dist/index.js",
+    "start": "cross-env NODE_ENV=production node dist/index.js",
     "check": "tsc",
     "db:push": "drizzle-kit push",
     "tauri": "cd shell/aethex-shell && npm run tauri",
@@ -147,6 +148,7 @@
     "@vitest/ui": "^4.0.16",
     "autoprefixer": "^10.4.21",
     "concurrently": "^9.2.1",
+    "cross-env": "^10.1.0",
     "drizzle-kit": "^0.31.4",
     "esbuild": "^0.25.0",
     "playwright-chromium": "^1.57.0",
diff --git a/run.log b/run.log
new file mode 100644
index 0000000..20a38b6
--- /dev/null
+++ b/run.log
@@ -0,0 +1,2 @@
+error: aethex-kernel-v1: stat /home/mrpiglr/.ops/aethex-kernel-v1: no such file or directory
+
diff --git a/run_full.log b/run_full.log
new file mode 100644
index 0000000..078c499
--- /dev/null
+++ b/run_full.log
@@ -0,0 +1 @@
+2026/02/05 00:45:16 only ELF binaries are supported. Is this a Linux binary? run "file /home/mrpiglr/.ops/images/aethex-kernel-v1" on it
diff --git a/script/build-unikernel.sh b/script/build-unikernel.sh
new file mode 100644
index 0000000..91ca170
--- /dev/null
+++ b/script/build-unikernel.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+set -e
+
+# AeThex OS - Unikernel Build Script (OPS)
+# Requires 'ops' (https://ops.city)
+
+echo "═══════════════════════════════════════════════════════════════"
+echo "  AeThex OS - Unikernel Builder"
+echo "  Target: Nanos Unikernel (Bootable Image)"
+echo "═══════════════════════════════════════════════════════════════"
+
+# 0. Check for MinGW/Git Bash (Windows NPM environment)
+if [ -n "$MSYSTEM" ] || [[ "$OSTYPE" == "msys" ]] || [[ "$OSTYPE" == "cygwin" ]]; then
+    echo "[*] Detected Windows Environment (MinGW/Git Bash)."
+    echo "[*] Switching to WSL Context..."
+    
+    # Convert the current script path to a WSL path
+    # $0 is likely "script/build-unikernel.sh"
+    # We assume the current directory is the project root in Windows format, accessible via /mnt/c
+    
+    # Simple re-execution in WSL, assuming we are at project root
+    wsl bash script/build-unikernel.sh
+    exit $?
+fi
+
+# Try to find 'ops' in various ways
+OPS_CMD=""
+
+# 1. Check if 'ops' is already in PATH
+if command -v ops &> /dev/null; then
+    OPS_CMD="ops"
+fi
+
+# 2. Hardcoded check for known user 'mrpiglr' (The specific fix)
+if [ -z "$OPS_CMD" ]; then
+    if [ -f "/home/mrpiglr/.ops/bin/ops" ]; then
+        OPS_CMD="/home/mrpiglr/.ops/bin/ops"
+    fi
+fi
+
+# 3. Check current user's Linux home
+if [ -z "$OPS_CMD" ]; then
+    LINUX_USER=$(whoami)
+    if [ -f "/home/$LINUX_USER/.ops/bin/ops" ]; then
+        OPS_CMD="/home/$LINUX_USER/.ops/bin/ops"
+    fi
+fi
+
+# 4. Final check
+if [ -z "$OPS_CMD" ]; then
+    echo "[!] OPS binary not found."
+    echo "    Checked: PATH, /home/mrpiglr/.ops/bin/ops"
+    echo "    Please run this command directly in your WSL terminal:"
+    echo "       export PATH=\$PATH:\$HOME/.ops/bin"
+    echo "       bash script/build-unikernel.sh"
+    exit 1
+fi
+
+echo "[*] Using OPS binary: $OPS_CMD"
+
+if [ ! -d "dist" ]; then
+    echo "[!] 'dist' directory not found. Building project..."
+    npm run build
+fi
+
+echo "[*] Updating OPS package list..."
+$OPS_CMD update
+
+echo "[*] Building Unikernel Image..."
+
+# Try fully qualified name format: account/package:version
+PACKAGE="eyberg/node:v18.12.1"
+
+echo "    Running: $OPS_CMD pkg load $PACKAGE ..."
+if ! $OPS_CMD pkg load $PACKAGE -c ops.json -i aethex-kernel-v1; then
+    echo "[!] $PACKAGE failed."
+    
+    # Fallback to another format seen in the list
+    PACKAGE="eyberg/node:20.5.0"
+    echo "    Trying fallback: $PACKAGE ..."
+    $OPS_CMD pkg load $PACKAGE -c ops.json -i aethex-kernel-v1
+fi
+
+echo ""
+echo "[✓] Build Complete."
+echo "    Image: ~/.ops/images/aethex-kernel-v1"
+echo ""
+echo "To boot the kernel:"
+echo "    $OPS_CMD run aethex-kernel-v1"
+echo ""
+echo "To deploy to AWS/GCP:"
+echo "    $OPS_CMD image create -c ops.json -i aethex-kernel-v1 -t aws"
diff --git a/script/build.ts b/script/build.ts
index 0daf290..e4de3cd 100644
--- a/script/build.ts
+++ b/script/build.ts
@@ -6,10 +6,13 @@ import { rm, readFile } from "fs/promises";
 // which helps cold start times
 const allowlist = [
   "@google/generative-ai",
+  "@supabase/supabase-js",
   "axios",
+  "bcrypt",
   "connect-pg-simple",
   "cors",
   "date-fns",
+  "dotenv",
   "drizzle-orm",
   "drizzle-zod",
   "express",
@@ -24,6 +27,7 @@ const allowlist = [
   "passport",
   "passport-local",
   "pg",
+  "socket.io",
   "stripe",
   "uuid",
   "ws",
@@ -56,7 +60,7 @@ async function buildAll() {
     entryPoints: ["server/index.ts"],
     platform: "node",
     bundle: true,
-    format: "esm",
+    format: "cjs",
     outfile: "dist/index.js",
     define: {
       "process.env.NODE_ENV": '"production"',
@@ -65,9 +69,6 @@ async function buildAll() {
     sourcemap: enableSourcemap,
     external: externals,
     logLevel: "info",
-    banner: {
-      js: "import { createRequire } from 'module'; import { fileURLToPath } from 'url'; import { dirname } from 'path'; const require = createRequire(import.meta.url); const __filename = fileURLToPath(import.meta.url); const __dirname = dirname(__filename);",
-    },
   });
 }
 
diff --git a/server/index.ts b/server/index.ts
index bae0b11..63622d4 100644
--- a/server/index.ts
+++ b/server/index.ts
@@ -21,8 +21,11 @@ app.get("/health", (_req, res) => {
 
 // API status endpoint (moved from root to /api/status)
 app.get("/api/status", (_req, res) => {
+  const isKernel = process.env.OPS_Version ? true : false;
+  
   res.json({
-    status: "AeThex OS Kernel: ONLINE",
+    status: isKernel ? "AeThex OS Unikernel: ONLINE" : "AeThex OS Simulation: ONLINE",
+    mode: isKernel ? "KERNEL_NATIVE" : "HOSTED_SIMULATION",
     version: "1.0.0",
     endpoints: {
       link: "/api/os/link/*",
@@ -49,13 +52,22 @@ if (process.env.NODE_ENV === "production" && !sessionSecret) {
 
 // Session configuration with security best practices
 const isProduction = process.env.NODE_ENV === "production";
+
+// For Unikernel local testing (localhost:8080), we must disable secure cookies
+// because there is no SSL termination in the kernel itself yet.
+// We detect if we are running in OPS/Nanos via the environment, or just assume
+// that if we are "production" but not explicitly requiring HTTPS, we might be in a kernel.
+// A safer check: if we are in OPS, process.env.OPS_Version might be present (if set),
+// OR we can just relax this for now to fix the login loop.
+const isSecure = isProduction && process.env.REQUIRE_HTTPS === "true";
+
 app.use(
   session({
     secret: sessionSecret || "dev-only-secret-not-for-prod",
     resave: false,
     saveUninitialized: false,
     cookie: {
-      secure: isProduction,
+      secure: isSecure,
       httpOnly: true,
       sameSite: "lax",
       maxAge: 7 * 24 * 60 * 60 * 1000, // 7 days
@@ -64,6 +76,7 @@ app.use(
   })
 );
 
+
 app.use(
   express.json({
     verify: (req, _res, buf) => {
diff --git a/server/static.ts b/server/static.ts
index f5071cc..e2179b6 100644
--- a/server/static.ts
+++ b/server/static.ts
@@ -3,17 +3,32 @@ import fs from "fs";
 import path from "path";
 
 export function serveStatic(app: Express) {
-  const distPath = path.resolve(__dirname, "public");
+  // Robust path resolution for Unikernel environment
+  const cwd = process.cwd();
+  let distPath = path.resolve(__dirname, "public");
+
+  // Fallback: If __dirname based path fails, try relative to CWD
   if (!fs.existsSync(distPath)) {
-    throw new Error(
-      `Could not find the build directory: ${distPath}, make sure to build the client first`,
-    );
+    // Assuming structure is /dist/public or just /public depending on how CWD is set
+    const altPath = path.join(cwd, "dist", "public");
+    if (fs.existsSync(altPath)) {
+        distPath = altPath;
+    } else {
+        // Try just "public" if CWD is already inside dist (unlikely but possible)
+        const rootPublic = path.join(cwd, "public");
+        if (fs.existsSync(rootPublic)) distPath = rootPublic;
+    }
+  }
+
+  if (!fs.existsSync(distPath)) {
+    throw new Error(`Could not find the build directory: ${distPath}`);
   }
 
   app.use(express.static(distPath));
 
   // fall through to index.html if the file doesn't exist
-  app.use("*", (_req, res) => {
+  app.use("*", (req, res) => {
     res.sendFile(path.resolve(distPath, "index.html"));
   });
 }
+
diff --git a/wget-log.4 b/wget-log.4
new file mode 100644
index 0000000..85d855d
--- /dev/null
+++ b/wget-log.4
@@ -0,0 +1 @@
+2026-02-05 03:04:55 URL:http://archive.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.8.1-2ubuntu2_amd64.deb [766558/766558] -> "/mnt/c/Users/PCOEM/AeThexOS/AeThex-OS/aethex-linux-build/rootfs//var/cache/apt/archives/partial/passwd_1%3a4.8.1-2ubuntu2_amd64.deb" [1]